From owner-freebsd-geom@FreeBSD.ORG  Thu Jan 17 01:52:19 2008
Return-Path: <owner-freebsd-geom@FreeBSD.ORG>
Delivered-To: freebsd-geom@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id D80C316A41A;
	Thu, 17 Jan 2008 01:52:19 +0000 (UTC) (envelope-from afields@ncf.ca)
Received: from saruman.ncf.ca (saruman.ncf.ca [134.117.136.37])
	by mx1.freebsd.org (Postfix) with ESMTP id AFCFC13C45B;
	Thu, 17 Jan 2008 01:52:19 +0000 (UTC) (envelope-from afields@ncf.ca)
Received: from [10.0.0.55]
	(CPE000d88cacd09-CM00159a09ff6e.cpe.net.cable.rogers.com
	[99.224.17.202])
	by saruman.ncf.ca (iPlanet Messaging Server 5.2 Patch 2 (built Jul 14
	2004)) with ESMTPSA id <0JUR00HJQE5RMH@saruman.ncf.ca>; Wed,
	16 Jan 2008 17:51:29 -0500 (EST)
Date: Wed, 16 Jan 2008 17:51:21 -0500
From: Allan Fields <afields@ncf.ca>
In-reply-to: <fmlm2k$d8q$1@ger.gmane.org>
To: Ivan Voras <ivoras@freebsd.org>
Message-id: <75FB90A1-5053-42C6-8466-1C4BF2208EF5@ncf.ca>
MIME-version: 1.0
X-Mailer: Apple Mail (2.752.2)
Content-type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
Content-transfer-encoding: 7BIT
References: <9e77bdb50801160832p39619f1fm85bf1454fead3357@mail.gmail.com>
	<fmlm2k$d8q$1@ger.gmane.org>
Cc: freebsd-geom@freebsd.org
Subject: Re: Authentication with geom_eli
X-BeenThere: freebsd-geom@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: GEOM-specific discussions and implementations
	<freebsd-geom.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
	<mailto:freebsd-geom-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-geom>
List-Post: <mailto:freebsd-geom@freebsd.org>
List-Help: <mailto:freebsd-geom-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
	<mailto:freebsd-geom-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Jan 2008 01:52:20 -0000

On 16-Jan-08, at 2:31 PM, Ivan Voras wrote:

> Cyrus Rahman wrote:
>
>> With this in mind, the addition of a less expensive authentication
>> algorithm, say a CRC, which would provide still provide a check on  
>> the
>> channel between geom_eli and the physical disk sectors without the
>> overhead of md5 or sha256, would be extremely useful.
>
> I think this discussion was held in relation with ZFS (which by  
> default does strong hashing of ALL data ALWAYS) and that somebody  
> concluded from experiments that, given the difference in speed  
> between modern CPUs and modern drives, there wasn't much difference  
> between using CRC32 and using a strong hash.
>
> Of course, on slower / embedded devices the situation is much  
> different.

Mind you perhaps this is best implemented as a separate GEOM class  
all-together.  I have had difficulty getting the GELI SHA and MD5  
hashing to perform as expected, though it initializes with-out  
error.  Perhaps this works in a new release, I will verify, if not  
I'll file pr.

Thanks,
	Allan Fields <afields@ncf.ca>