From: Vsevolod Stakhov
Date: Fri, 16 Jan 2015 00:24:05 +0000
To: Rozhuk.IM@gmail.com
Cc: freebsd-hackers@freebsd.org, 'Adam Nowacki' , 'freebsd-geom'
Subject: Re: ChaCha8/12/20 and GEOM ELI tests

On 16/01/15 00:00, rozhuk.im@gmail.com wrote:
>> I'm very happy that you have spent the time to play with GELI code and
>> I hope you will continue to work on it, but this particular change
>> won't be accepted as part of GELI, please accept that even if you don't
>> fully agree. Stream ciphers are not compatible with GELI design.
>
> Hopefully ChaCha gets into /dev/crypto.
>
>
>> Using chacha might be a better fit for GBDE, where encryption keys are
>> generated and stored for every write, so there should be no risk with
>> reusing a key stream. This of course also requires further analysis.
>>
>> If you would like to spend some more time with GELI, I'd suggest for
>> starters preparing a patch that removes support for MD5, SHA1 and
>> RIPEMD160.
>
> Options I have not so much.
> 1. Drink vodka and use slow AES-XTS :)
> 2. Use ChaCha GELI private patch
> 3. Write Geom node.
>
> Cipher = ChaCha/XChaCha
> Hash = Blake2 - https://blake2.net/
> Key1 = key for cipher
> Key2 = key for HMAC
> IV = HMAC(Key2, ('plain text data' + 'sector num')) = (8/24 bytes)
>

What about the fourth funny option - trying Threefish, which is claimed to be a very fast tweakable block cipher?
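
Added example, not part of the thread or of any GELI/GBDE code: a Python sketch of the key-stream reuse the quoted mails warn about when a sector is rewritten under the same key and IV, next to the IV = HMAC(Key2, data + sector) scheme proposed in the quoted mail. The function names, the IV taken from the sector number alone in the first case, the 8-byte-nonce ChaCha20 variant, the little-endian sector encoding and the sample sectors are all assumptions made for the illustration.

```python
import hmac
import struct
from hashlib import blake2b

MASK = 0xFFFFFFFF

def _rotl(v, n):
    return ((v << n) | (v >> (32 - n))) & MASK

def _quarter(s, a, b, c, d):
    # ChaCha quarter round: four add / xor / rotate steps.
    for rot, (x, y, z) in zip((16, 12, 8, 7), ((a, b, d), (c, d, b), (a, b, d), (c, d, b))):
        s[x] = (s[x] + s[y]) & MASK
        s[z] = _rotl(s[z] ^ s[x], rot)

def chacha20_block(key, nonce8, counter):
    # Original ChaCha20 layout: constants, 256-bit key, 64-bit counter, 64-bit nonce.
    init = list(struct.unpack("<16I", b"expand 32-byte k" + key
                              + struct.pack("<Q", counter) + nonce8))
    s = init[:]
    for _ in range(10):                      # 10 double rounds = 20 rounds
        for i in range(4):                   # column rounds
            _quarter(s, i, 4 + i, 8 + i, 12 + i)
        for i in range(4):                   # diagonal rounds
            _quarter(s, i, 4 + (i + 1) % 4, 8 + (i + 2) % 4, 12 + (i + 3) % 4)
    return struct.pack("<16I", *((x + y) & MASK for x, y in zip(s, init)))

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def chacha20_xor(key, nonce8, data):
    return b"".join(xor(data[i:i + 64], chacha20_block(key, nonce8, i // 64))
                    for i in range(0, len(data), 64))

def encrypt_fixed_iv(key, sector, plain):
    # Assumed layout: IV is the sector number only, so every rewrite of the
    # sector is XORed with the same key stream.
    return chacha20_xor(key, struct.pack("<Q", sector), plain)

def encrypt_synthetic_iv(key1, key2, sector, plain):
    # IV = HMAC-BLAKE2b(Key2, plaintext || sector number), truncated to 8 bytes.
    iv = hmac.new(key2, plain + struct.pack("<Q", sector), blake2b).digest()[:8]
    return iv, chacha20_xor(key1, iv, plain)   # IV must be stored to decrypt

# Constructed sample data: two versions of the same 512-byte sector.
KEY1, KEY2 = bytes(range(32)), bytes(range(32, 64))
OLD = b"balance=00001000".ljust(512, b".")
NEW = b"balance=99999999".ljust(512, b".")

def leak_fixed():
    # Someone holding both ciphertexts of sector 7 gets OLD xor NEW, no key needed.
    return xor(encrypt_fixed_iv(KEY1, 7, OLD), encrypt_fixed_iv(KEY1, 7, NEW))

if __name__ == "__main__":
    print("fixed IV leaks plaintext XOR:", leak_fixed() == xor(OLD, NEW))
```

With the synthetic IV, a changed sector gets a fresh key stream, but the scheme stays deterministic (the same data written to the same sector yields the same IV and ciphertext) and each sector needs extra space to store its IV.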