From owner-freebsd-geom@FreeBSD.ORG  Wed Jan 14 18:44:47 2015
Return-Path: <owner-freebsd-geom@FreeBSD.ORG>
Delivered-To: freebsd-geom@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 6D53A56D;
 Wed, 14 Jan 2015 18:44:47 +0000 (UTC)
Received: from mail-la0-x232.google.com (mail-la0-x232.google.com
 [IPv6:2a00:1450:4010:c03::232])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id D8F55A46;
 Wed, 14 Jan 2015 18:44:46 +0000 (UTC)
Received: by mail-la0-f50.google.com with SMTP id pn19so9692542lab.9;
 Wed, 14 Jan 2015 10:44:45 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=message-id:from:reply-to:to:cc:references:in-reply-to:subject:date
 :mime-version:content-type:content-transfer-encoding:thread-index
 :content-language;
 bh=OVfyOr0RMru1lm8zEOuJnceyOfeOXl32O6+bVdSpbno=;
 b=N9YNYcAyQlcoQTr7HkCACWtCxjK9YkoxNJLjSSy3eUhc+iALDAn3xedH4z0yYrUwJz
 r9fLgYQhSbIsX1sqRxkvWPJnsmjU1ygJ0dodWguIAXBLAh6cvNj7WLMdT8QK/F6N4lHU
 QwSG0pLl7ED/J2gRnxoAnQxZqFgqCxazy0nLcStbhW+UTHPQeL4dmwQnpFm6bi4FhIlg
 33I6YQK+X+7Yaztinn5ay3ZxxSdI9073lTC/QMGONFv25i0b4FLCux7X5WV+MEcYmBVZ
 qg1SK6arTJ/El1zVlOcEMt1FzvXpQB6WVKjudv2blqSgaIx0lL6AiTW4cYd3g9LoMoJd
 FyTg==
X-Received: by 10.112.57.226 with SMTP id l2mr5515037lbq.27.1421261084945;
 Wed, 14 Jan 2015 10:44:44 -0800 (PST)
Received: from rimwks1w7x64 ([2001:470:1f15:8e:b007:2759:7397:9491])
 by mx.google.com with ESMTPSA id yf10sm6142040lbb.9.2015.01.14.10.44.42
 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
 Wed, 14 Jan 2015 10:44:43 -0800 (PST)
Message-ID: <54b6b91b.2aa3700a.3a6c.47b5@mx.google.com>
X-Google-Original-Message-ID: <02a701d0302a$2991e010$7cb5a030$@IM@gmail.com>
From: rozhuk.im@gmail.com
X-Google-Original-From: <Rozhuk.IM@gmail.com>
Reply-To: <Rozhuk.IM@gmail.com>
To: "'Alaksiej'" <ac@belngo.info>
References: <54b33bfa.e31b980a.3e5d.ffffc823@mx.google.com>
 <54B4AE55.9090205@platinum.linux.pl>
 <54b5d299.4914980a.61cd.43a6@mx.google.com> <20150114041708.GA3189@reks>
 <54b601ec.0515980a.0c9c.47e1@mx.google.com> <20150114082019.GA3669@reks>
 <54b6ae4c.0905990a.6c9c.642e@mx.google.com>
 <CAHsZcQH1BTz0Yn+xsRFjBxizOLaR=40Rh+_3TEmt6Q2mALTOog@mail.gmail.com>
In-Reply-To: <CAHsZcQH1BTz0Yn+xsRFjBxizOLaR=40Rh+_3TEmt6Q2mALTOog@mail.gmail.com>
Subject: RE: ChaCha8/12/20 and GEOM ELI tests
Date: Wed, 14 Jan 2015 21:44:41 +0300
MIME-Version: 1.0
Content-Type: text/plain;
	charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: AdAwJPHzQEPWGlhIRJKyDUR4Gd9wQAAAu60w
Content-Language: ru
Cc: 'Gleb Kurtsou' <gleb@freebsd.org>,
 'freebsd-geom' <freebsd-geom@freebsd.org>,
 'Adam Nowacki' <nowakpl@platinum.linux.pl>, freebsd-hackers@freebsd.org
X-BeenThere: freebsd-geom@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: GEOM-specific discussions and implementations
 <freebsd-geom.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-geom>,
 <mailto:freebsd-geom-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-geom/>
List-Post: <mailto:freebsd-geom@freebsd.org>
List-Help: <mailto:freebsd-geom-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
 <mailto:freebsd-geom-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Jan 2015 18:44:47 -0000

> Excuse me, but if you think your physical medium is either 100%
> inaccessible to an adversary, or simply not worth a real attack, and
> the speed is the concern, then why do you want to use any encryption =
at
> all?

100% is not available yet introduced GELI keys / mounted drive.
AES-XTS is good but too slow.
ChaCha is already enough to cryptography was not a bottleneck.

The case when the disks - local (SATA/SAS/IDE/USB), keys entered / disk =
is mounted and the attacker has access I do not see because AES-XTS does =
not help.