Date: Tue, 13 Jan 2015 09:54:53 +0300
From: rozhuk.im@gmail.com
To: "'Adam Nowacki'" <nowakpl@platinum.linux.pl>, <freebsd-hackers@freebsd.org>, <freebsd-geom@FreeBSD.org>
Subject: RE: ChaCha8/12/20 and GEOM ELI tests
Message-ID: <54b4c13f.45c5980a.6b2c.1d44@mx.google.com>
In-Reply-To: <54B4AE55.9090205@platinum.linux.pl>
References: <54b33bfa.e31b980a.3e5d.ffffc823@mx.google.com> <54B4AE55.9090205@platinum.linux.pl>

> Maybe faster but a stream cipher is unusable for disk encryption - iv
> is derived from sector number and doesn't change. Being able to write a
> known plaintext and read resulting ciphertext allows you to recover the
> cipher stream and decrypt any past or future data stored on that
> sector.
> Also use of XTS in this context is a no-op since:
> plain text XOR tweak XOR cipher stream XOR tweak = plain text XOR
> cipher stream

Looks like you're right.
Shame on me.

1. ChaCha and XChaCha can be left in /dev/crypto for future applications
2. Geom GELI can leave some small changes for the future - it will be easier to add XTS algorithms.
3. AES-XTS can work faster.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?54b4c13f.45c5980a.6b2c.1d44>
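
The two points in the quoted reply, worked through as an added example that is not part of the original message or of GELI's code: with a keystream that depends only on (key, sector number), one known plaintext exposes everything else written to that sector, and an XTS-style tweak XORed in before and out after cancels. SHAKE-256 stands in for ChaCha here (an assumption, chosen to keep the block dependency-free), the tweak is simplified to one per-sector mask, and all function names, keys and the sector number are constructed for illustration.

```python
import hashlib

SECTOR_SIZE = 512

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def keystream(key: bytes, sector: int, n: int = SECTOR_SIZE) -> bytes:
    # Stand-in stream cipher (assumption): like ChaCha with a sector-derived
    # IV, the output depends only on (key, sector), never on the write count.
    return hashlib.shake_256(key + sector.to_bytes(8, "little")).digest(n)

def tweak_mask(tweak_key: bytes, sector: int, n: int = SECTOR_SIZE) -> bytes:
    # Hypothetical per-sector tweak mask, simplified from real XTS.
    return hashlib.shake_256(b"tweak" + tweak_key + sector.to_bytes(8, "little")).digest(n)

def encrypt_sector(key: bytes, sector: int, plaintext: bytes) -> bytes:
    return xor(plaintext, keystream(key, sector, len(plaintext)))

def encrypt_sector_tweaked(key: bytes, tweak_key: bytes, sector: int, plaintext: bytes) -> bytes:
    # plain text XOR tweak XOR cipher stream XOR tweak
    t = tweak_mask(tweak_key, sector, len(plaintext))
    masked = xor(plaintext, t)
    return xor(xor(masked, keystream(key, sector, len(plaintext))), t)

def recover_keystream(known_plaintext: bytes, ciphertext: bytes) -> bytes:
    # Known plaintext XOR its ciphertext is the sector's keystream.
    return xor(known_plaintext, ciphertext)

def demo():
    # Constructed sample values.
    key, tweak_key, sector = b"k" * 32, b"t" * 32, 7
    earlier = b"data stored on this sector earlier".ljust(SECTOR_SIZE, b"\0")
    earlier_ct = encrypt_sector(key, sector, earlier)

    # A later write of known content to the same sector reuses the keystream.
    known = b"A" * SECTOR_SIZE
    known_ct = encrypt_sector(key, sector, known)
    ks = recover_keystream(known, known_ct)

    recovered_without_key = xor(earlier_ct, ks) == earlier
    tweak_is_noop = encrypt_sector_tweaked(key, tweak_key, sector, earlier) == earlier_ct
    other_sector_differs = keystream(key, sector + 1) != ks
    return recovered_without_key, tweak_is_noop, other_sector_differs

if __name__ == "__main__":
    print(demo())
```

A block-cipher mode such as AES-XTS does not reduce to a plain XOR with a fixed stream, which is why the same sector-derived tweak is acceptable there.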