From owner-freebsd-questions@FreeBSD.ORG Thu Jul 26 13:49:10 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3188A106564A for ; Thu, 26 Jul 2012 13:49:10 +0000 (UTC) (envelope-from freebsd-listen@fabiankeil.de) Received: from smtprelay02.ispgateway.de (smtprelay02.ispgateway.de [80.67.29.24]) by mx1.freebsd.org (Postfix) with ESMTP id B5F738FC1C for ; Thu, 26 Jul 2012 13:49:09 +0000 (UTC) Received: from [78.35.180.197] (helo=fabiankeil.de) by smtprelay02.ispgateway.de with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.68) (envelope-from ) id 1SuOR4-0001UJ-Uf for freebsd-questions@freebsd.org; Thu, 26 Jul 2012 15:49:03 +0200 Date: Thu, 26 Jul 2012 15:49:00 +0200 From: Fabian Keil To: freebsd-questions@freebsd.org Message-ID: <20120726154900.2f777b04@fabiankeil.de> In-Reply-To: <20120726031450.5c06dd61@gumby.homeunix.com> References: <201207260052.q6Q0qdss086796@mail.r-bonomi.com> <20120726031450.5c06dd61@gumby.homeunix.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=PGP-SHA1; boundary="Sig_/_8A6vFbmClRIoz+Bx92uwDw"; protocol="application/pgp-signature" X-Df-Sender: Nzc1MDY3 Subject: Re: geli - selecting cipher X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 26 Jul 2012 13:49:10 -0000 --Sig_/_8A6vFbmClRIoz+Bx92uwDw Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable RW wrote: > On Wed, 25 Jul 2012 19:52:39 -0500 (CDT) > Robert Bonomi wrote: >=20 > > > From owner-freebsd-questions@freebsd.org Wed Jul 25 14:00:27 2012 > > > Date: Wed, 25 Jul 2012 20:57:30 +0200 (CEST) > > > From: Wojciech Puchar > > > To: freebsd-questions@freebsd.org > > > Subject: geli - selecting cipher > > > > > > i need high speed disk encryption (many disks running in parallel, > > > lots of data movement). i have processor with AES-NI. > > > > > > geli give 150MB/s performance (tested from/to md ramdisk) using > > > default and recommended AES-XTS > > > > > > and ca 400MB/s read and 700MB/s write using AES-CBC. > > > > > > I'm not cryptography expert, is CBC somehow "less secure", and if > > > so is it really a problem? > >=20 > > If you "don't know" what strength encryption you need, and/or the > > difference between the methods, you need to hire a data-security > > professional to examine your situation and make recommendations > > appropriate for _your_ needs. > >=20 > > 'CBC' -- [C]ypher [B]lock [C]hainig -- is well-suited for strictly > > -sequential- data access. Try reading the blocks of a large (say > > 10gB) file in *reverse* order and see what kind of performance you > > get. =20 >=20 > Exactly the same, in geli the encryption is done per sector.=20 >=20 >=20 > I asked a similar questions to the OPs in the geom list and didn't get > an answer. Geli doesn't need or isn't using any advantages of XTS. And > CBC in geli is actually equivalent to ESSIV (see the previously linked > wikipedia page).=20 >=20 > In the end I went with 128 bit aes-cbc since it's the fastest setting > and Bruce Schneier recommends 128 over 256 AES as being more secure. =20 Can you provide the source for the "as being more secure" part? I'm aware of the following recommendation: | And for new applications I suggest that people don't use AES-256. | AES-128 provides more than enough security margin for the forseeable | future. But if you're already using AES-256, there's no reason to change. http://www.schneier.com/blog/archives/2009/07/another_new_aes.html But (the way I interpret it) there's no claim that AES-128 is more secure either in general or in the context of disk encryption. Fabian --Sig_/_8A6vFbmClRIoz+Bx92uwDw Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iEYEARECAAYFAlARSs8ACgkQBYqIVf93VJ0BKQCdGQPILQO2lG5A5+gpbUATZGte 3HoAnjZ2R1M4HDcUrOjSpQf+0ItSyy0A =J/Tp -----END PGP SIGNATURE----- --Sig_/_8A6vFbmClRIoz+Bx92uwDw--