From owner-freebsd-geom@FreeBSD.ORG Sat Jan 31 01:45:01 2015 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A5E34189; Sat, 31 Jan 2015 01:45:01 +0000 (UTC) Received: from gold.funkthat.com (gate2.funkthat.com [208.87.223.18]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "gold.funkthat.com", Issuer "gold.funkthat.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 72A1E6EF; Sat, 31 Jan 2015 01:45:01 +0000 (UTC) Received: from gold.funkthat.com (localhost [127.0.0.1]) by gold.funkthat.com (8.14.5/8.14.5) with ESMTP id t0V1iuLb087871 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 30 Jan 2015 17:44:56 -0800 (PST) (envelope-from jmg@gold.funkthat.com) Received: (from jmg@localhost) by gold.funkthat.com (8.14.5/8.14.5/Submit) id t0V1itOi087870; Fri, 30 Jan 2015 17:44:55 -0800 (PST) (envelope-from jmg) Date: Fri, 30 Jan 2015 17:44:55 -0800 From: John-Mark Gurney To: rozhuk.im@gmail.com Subject: Re: ChaCha8/12/20 and GEOM ELI tests Message-ID: <20150131014454.GQ27103@funkthat.com> References: <54b33bfa.e31b980a.3e5d.ffffc823@mx.google.com> <54B4AE55.9090205@platinum.linux.pl> <54b5d299.4914980a.61cd.43a6@mx.google.com> <20150114041708.GA3189@reks> <54b601ec.0515980a.0c9c.47e1@mx.google.com> <20150114082019.GA3669@reks> <54b6ae4c.0905990a.6c9c.642e@mx.google.com> <54b6b91b.2aa3700a.3a6c.47b5@mx.google.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <54b6b91b.2aa3700a.3a6c.47b5@mx.google.com> X-Operating-System: FreeBSD 9.1-PRERELEASE amd64 X-PGP-Fingerprint: 54BA 873B 6515 3F10 9E88 9322 9CB1 8F74 6D3F A396 X-Files: The truth is out there X-URL: http://resnet.uoregon.edu/~gurney_j/ X-Resume: http://resnet.uoregon.edu/~gurney_j/resume.html X-TipJar: bitcoin:13Qmb6AeTgQecazTWph4XasEsP7nGRbAPE X-to-the-FBI-CIA-and-NSA: HI! HOW YA DOIN? can i haz chizburger? User-Agent: Mutt/1.5.21 (2010-09-15) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (gold.funkthat.com [127.0.0.1]); Fri, 30 Jan 2015 17:44:56 -0800 (PST) Cc: 'Alaksiej' , 'freebsd-geom' , 'Adam Nowacki' , freebsd-hackers@freebsd.org, 'Gleb Kurtsou' X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 31 Jan 2015 01:45:01 -0000 rozhuk.im@gmail.com wrote this message on Wed, Jan 14, 2015 at 21:44 +0300: > > Excuse me, but if you think your physical medium is either 100% > > inaccessible to an adversary, or simply not worth a real attack, and > > the speed is the concern, then why do you want to use any encryption at > > all? > > 100% is not available yet introduced GELI keys / mounted drive. > AES-XTS is good but too slow. You do realize that AES-XTS can get >900MB/sec on md mounted disks when AES-NI is available? and that is single cpu... Make sure you're running 10 or later... -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not." From owner-freebsd-geom@FreeBSD.ORG Sat Jan 31 02:21:52 2015 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BF857942; Sat, 31 Jan 2015 02:21:52 +0000 (UTC) Received: from mail-la0-x22d.google.com (mail-la0-x22d.google.com [IPv6:2a00:1450:4010:c03::22d]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 354C7A86; Sat, 31 Jan 2015 02:21:52 +0000 (UTC) Received: by mail-la0-f45.google.com with SMTP id gd6so26598845lab.4; Fri, 30 Jan 2015 18:21:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:from:reply-to:to:cc:references:in-reply-to:subject:date :mime-version:content-type:content-transfer-encoding:thread-index :content-language; bh=NfuZNRiHGoE97zHQu6yyW+HYMtQxb0P4QoVMtYAVuh0=; b=O2wh9UR1MZs17VYjwPtYqQov14ZH7s25sXjyzNwKQcvVx8TcVJkNI1pQysmw8IXL3W 8AAIn2O43qyl6TXaRJ9WHR0kBto6/R+no2y68l8ASaYXFb5UJTJvITm/kTahzcbFVwri tlHmbZ4qC0rHmRDAdedIr5KkrWROGK3RIPiUm6I6bLoVlVdsmIa2b3QOa5qa7MJi4qlP J4lmHak6dG7xxLGUsOlHbx9IUoy1EO+X7FTXf5GPonDFrHduwSuoExjQ8hmqEdhCE9vc aPjYDlaLZ1dfw5DaWSfJuFYyXPA5Nx7NaEeS6vYzNPv1df0IxGUeVyqQvHP/fhXsJKJC 6efg== X-Received: by 10.152.203.230 with SMTP id kt6mr9175791lac.38.1422670909668; Fri, 30 Jan 2015 18:21:49 -0800 (PST) Received: from w7x64wksv ([2001:470:1f15:8e:983f:fc01:8a3b:4b95]) by mx.google.com with ESMTPSA id w6sm507098law.28.2015.01.30.18.21.47 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 30 Jan 2015 18:21:48 -0800 (PST) Message-ID: <54cc3c3c.0606980a.77ac.1d77@mx.google.com> X-Google-Original-Message-ID: <001101d03cfc$ab12de30$01389a90$@IM@gmail.com> From: rozhuk.im@gmail.com X-Google-Original-From: Reply-To: To: "'John-Mark Gurney'" References: <54b33bfa.e31b980a.3e5d.ffffc823@mx.google.com> <54B4AE55.9090205@platinum.linux.pl> <54b5d299.4914980a.61cd.43a6@mx.google.com> <20150114041708.GA3189@reks> <54b601ec.0515980a.0c9c.47e1@mx.google.com> <20150114082019.GA3669@reks> <54b6ae4c.0905990a.6c9c.642e@mx.google.com> <54b6b91b.2aa3700a.3a6c.47b5@mx.google.com> <20150131014454.GQ27103@funkthat.com> In-Reply-To: <20150131014454.GQ27103@funkthat.com> Subject: RE: ChaCha8/12/20 and GEOM ELI tests Date: Sat, 31 Jan 2015 05:21:46 +0300 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: AdA894f/gA/UaejuTd6CBHbbYRS6qAAA9euQ Content-Language: ru Cc: 'Alaksiej' , 'freebsd-geom' , 'Adam Nowacki' , freebsd-hackers@freebsd.org, 'Gleb Kurtsou' X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 31 Jan 2015 02:21:52 -0000 > > > Excuse me, but if you think your physical medium is either 100% > > > inaccessible to an adversary, or simply not worth a real attack, > and > > > the speed is the concern, then why do you want to use any > encryption > > > at all? > > > > 100% is not available yet introduced GELI keys / mounted drive. > > AES-XTS is good but too slow. > > You do realize that AES-XTS can get >900MB/sec on md mounted disks when > AES-NI is available? and that is single cpu... Make sure you're > running 10 or later... > 650 MB/sec on AMD 5350 with AES-NI. 540 MB/sec on same CPU - ChaCha8 480 MB/sec - ChaCha12 140 MB/sec - AES without AES-NI. I have only ONE CPU with AES-NI. Also, non x86 CPU does not have AES-NI.