Date:      Thu, 2 Dec 2004 17:07:52 +0100
From:      Terje Elde <terje@elde.org>
To:        Ivan Voras <ivoras@fer.hr>
Cc:        freebsd-geom@freebsd.org
Subject:   Re: More geom classes?
Message-ID:  <20041202160752.GV72822@calleigh.elde.net>
In-Reply-To: <41AF3BE9.8050108@fer.hr>
References:  <41AE1B68.5040003@fer.hr> <20041202140527.GT72822@calleigh.elde.net> <41AF3BE9.8050108@fer.hr>

On Thu, Dec 02, 2004 at 04:59:37PM +0100, Ivan Voras wrote:
> >One thing that would be funny is GEOM XOR, with the possibility of setting
> >up two (or more) volumes, such that you write random bytes to one drive,
> >and write the data xored with the random to the other.
> 
> I could easily do that with ggate for fun, if somebody'll use it :) (Of 
> course, performance will probably suck, it being in userland...)

ggate would be one option, but it'd be much nicer to have it as a 'real' geom
module.

> >Introduce RAID3 or 5 and add an extra disk, and you've got N-1 of M
> >redundancy in your heavily encrypted volume. ;)
> 
> Oh yes :)
> 
> A password will still be required, for generating the random sequence...

*cringe*

The only point of using such a XOR is to end up with an effective OTP (One
Time Pad).  If you use a password as seed for a simple PRNG, then you're
throwing away all the gain, and would be better off with GEOM BDE instead.

FreeBSD 5 has a seemingly very good yarrow-based entropy source.  Why not use
that?

The only known perfect encryption algorithm is OTP, assuming your input is
perfectly random.  If you use a seeded PRNG, then you'd end up reducing the
security to that of a regular stream cipher.

Terje
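
Added example, not part of the original message: a Python sketch of the two-volume XOR split discussed above, comparing a pad drawn from the OS entropy source with a pad derived from a password. The 512-byte sector size, the function names and the use of SHAKE-256 as the password-seeded generator are assumptions made for illustration.

```python
import hashlib
import os

SECTOR = 512  # assumed sector size for this illustration
# Constructed sample sector contents, padded to one sector.
SAMPLE = b"constructed sample sector".ljust(SECTOR, b"\0")


def xor(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR of two equal-length buffers."""
    return bytes(x ^ y for x, y in zip(a, b))


def split_random(sector: bytes) -> tuple[bytes, bytes]:
    """Pad from the OS entropy source: volume A holds the pad,
    volume B holds data XOR pad. Neither volume alone reveals the data."""
    pad = os.urandom(len(sector))
    return pad, xor(sector, pad)


def password_pad(password: str, sector_no: int, length: int) -> bytes:
    """Hypothetical password-seeded generator (SHAKE-256 as a stand-in PRNG).
    The whole pad is a deterministic function of password and sector number."""
    seed = password.encode() + sector_no.to_bytes(8, "big")
    return hashlib.shake_256(seed).digest(length)


def split_seeded(sector: bytes, password: str, sector_no: int) -> tuple[bytes, bytes]:
    """Same layout, but the pad is regenerated from the password."""
    pad = password_pad(password, sector_no, len(sector))
    return pad, xor(sector, pad)


def join(vol_a: bytes, vol_b: bytes) -> bytes:
    """Reading back: XOR the two volumes to recover the data."""
    return xor(vol_a, vol_b)


def recover_with_password_only(vol_b: bytes, password: str, sector_no: int) -> bytes:
    """With a seeded pad, volume B plus the password is sufficient:
    volume A adds nothing, and the scheme is an ordinary stream cipher
    whose strength is bounded by the password and the generator."""
    return xor(vol_b, password_pad(password, sector_no, len(vol_b)))
```

With `split_random`, both volumes are required to read a sector and the pad is never reused; with `split_seeded`, the pad volume is redundant because it can be regenerated from the password.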



