From owner-svn-src-all@freebsd.org Tue May 31 16:03:59 2016 Return-Path: Delivered-To: svn-src-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 74969B5679A; Tue, 31 May 2016 16:03:59 +0000 (UTC) (envelope-from mahrens@gmail.com) Received: from mail-lf0-x234.google.com (mail-lf0-x234.google.com [IPv6:2a00:1450:4010:c07::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id DCC761DC0; Tue, 31 May 2016 16:03:58 +0000 (UTC) (envelope-from mahrens@gmail.com) Received: by mail-lf0-x234.google.com with SMTP id b73so71320295lfb.3; Tue, 31 May 2016 09:03:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc; bh=tonzwofdne68kTXpNKcwjGdYqBK1iQEHeLPA/VOihks=; b=ZUzgDwpVy2VmbsTx5qPy8uKXgY/oQmsnKLXwkz99MQ4gfwZXdGwHZ8pulPe07vaTu9 q8zoApA60yyvrbKL3AG7ydp+YdFnbCGFiJpTsHmoHN28ps0kdLCXThA+81klJa4hZFwu OGxoxN0cQoVZQm2bQ1BJjvtWM95fQcGCYuzghvm6Rtsksig4W8HYAUM/OZaL8oHYPPtk lSUhtTy5B8XguJhFiFRJ49o8MTp967u14DipTjTofho3/2eIm3kebjhnyLGbKNLO8cOW I4XeXcBvoiivwndWecuT0sQZumOI22Laod6LW1BFo/65ra0+J2RhLBRsS/J9Y1k3/S44 zSrQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:date :message-id:subject:from:to:cc; bh=tonzwofdne68kTXpNKcwjGdYqBK1iQEHeLPA/VOihks=; b=QZjLOoBICEQy7eqnFTgOzYZxmQ2/q2XNgLrsNMN6d1XXPq9yRnFWt5excbJawtHKza kWyS5wYR8TMzQcKcN6X0ekWKI3RZT0mHhLsPstlA1KXCEIql23Oy/ZqKZUmfxsLUfNRU K8npYTuJHmwxR59ls9J5b5qh4rWjtTr3oNZXFccUoH4xsS/fZxHtSXcFX9s/oE+jjDRL oRGRyVMuU2iMlNJTbEkc/wflpl3wVr/cEAiyocSq3XO8d8R01WAF5zrTo++qGf4XVHmp TYJao/b3odYTUAazeAEj1OfvQRUei64Sgf60epJ2UtO+hBM+2pTzSmMpPaUiyZ8Utow8 91Fw== X-Gm-Message-State: ALyK8tKaNuae3qMdIdSNRFitKGTgZAVBLR/7GK4xNGKxEuM+1heorX+lMUbfVdCiOuv3mvzBtAYnmLP9hZTqdw== MIME-Version: 1.0 X-Received: by 10.25.134.2 with SMTP id i2mr7588239lfd.1.1464710636713; Tue, 31 May 2016 09:03:56 -0700 (PDT) Sender: mahrens@gmail.com Received: by 10.114.93.199 with HTTP; Tue, 31 May 2016 09:03:56 -0700 (PDT) In-Reply-To: <10b10f89-0212-2a9d-06ed-6477ef658962@freebsd.org> References: <201605310412.u4V4CEh4021513@repo.freebsd.org> <20160531144155.7e96c5a5@nonamehost.local> <10b10f89-0212-2a9d-06ed-6477ef658962@freebsd.org> Date: Tue, 31 May 2016 09:03:56 -0700 X-Google-Sender-Auth: PynjUX6CKAq_fnqk7XB-m7-XPNo Message-ID: Subject: Re: svn commit: r301010 - in head/sys: cddl/contrib/opensolaris/common/zfs cddl/contrib/opensolaris/uts/common cddl/contrib/opensolaris/uts/common/fs/zfs cddl/contrib/opensolaris/uts/common/fs/zfs/sys ... From: Matthew Ahrens To: Allan Jude Cc: Ivan Klymenko , "src-committers@freebsd.org" , svn-src-all@freebsd.org, svn-src-head@freebsd.org Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.22 X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 31 May 2016 16:03:59 -0000 On Tue, May 31, 2016 at 7:44 AM, Allan Jude wrote: > On 2016-05-31 07:41, Ivan Klymenko wrote: > > On Tue, 31 May 2016 04:12:14 +0000 (UTC) > > Allan Jude wrote: > > > >> Author: allanjude > >> Date: Tue May 31 04:12:14 2016 > >> New Revision: 301010 > >> URL: https://svnweb.freebsd.org/changeset/base/301010 > >> > >> Log: > >> Connect the SHA-512t256 and Skein hashing algorithms to ZFS > >> > >> Support for the new hashing algorithms in ZFS was introduced in > >> r289422 However it was disconnected because FreeBSD lacked > >> implementations of SHA-512 (truncated to 256 bits), and Skein. > >> > >> These implementations were introduced in r300921 and r300966 > >> respectively > >> This commit connects them to ZFS and enabled these new checksum > >> algorithms > >> This new algorithms are not supported by the boot blocks, so do not > >> use them on your root dataset if you boot from ZFS. > >> > > > > Hello. > > > > Tell me please, who is now the fastest of these algorithms? > > > > What remains of the available algorithms checksum algorithm by default? > > > > Thanks. > > > > None of the old checksums were removed > This means the available checksums are (from fastest to slowest): > > off (bad idea) > fletcher2 (not recommended, weak) > fletcher4 (default) > edon-r (not implemented, possibly insecure) > To be clear, all of the above are (possibly) insecure. Edon-R and fletcher4 are not used for dedup, so they doesn't need to be secure. Edon-R can be used for nop-write, which also doesn't need to be secure, it just needs to prevent accidental hash collisions (intentional ones are fine, because they only mess up the block being written, and if you can write then by definition you can arbitrarily modify the block being written). That said, even intentional collisions with Edon-R would be nontrivial, because of the secret salt. This is documented in the zpool-features manpage: edonr GUID org.illumos:edonr READ-ONLY COMPATIBLE no DEPENDENCIES none This feature enables the use of the Edon-R hash algorithm for checksum, including for nopwrite (if compression is also enabled, an overwrite of a block whose checksum matches the data being written will be ignored). In an abundance of caution, Edon-R can not be used with dedup (without verification). Edon-R is a very high-performance hash algorithm that was part of the NIST SHA-3 competition. It provides extremely high hash performance (over 350% faster than SHA-256), but was not selected because of its unsuitability as a general purpose secure hash algorithm. This implementation utilizes the new salted checksumming functionality in ZFS, which means that the checksum is pre-seeded with a secret 256-bit random key (stored on the pool) before being fed the data block to be checksummed. Thus the produced checksums are unique to a given pool, blocking hash collision attacks on systems with dedup. --matt > skein > sha512 > sha256 > > -- > Allan Jude > >