From owner-freebsd-stable@FreeBSD.ORG  Thu Dec  2 16:14:55 2004
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 0303916A4CE
	for <stable@freebsd.org>; Thu,  2 Dec 2004 16:14:55 +0000 (GMT)
Received: from lara.cc.fer.hr (lara.cc.fer.hr [161.53.72.113])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 47AC543D41
	for <stable@freebsd.org>; Thu,  2 Dec 2004 16:14:54 +0000 (GMT)
	(envelope-from ivoras@fer.hr)
Received: from [127.0.0.1] (localhost.cc.fer.hr [127.0.0.1])
	by lara.cc.fer.hr (8.13.1/8.13.1) with ESMTP id iB2GEmkf017454
	for <stable@freebsd.org>; Thu, 2 Dec 2004 17:14:48 +0100 (CET)
	(envelope-from ivoras@fer.hr)
Message-ID: <41AF3F78.9070708@fer.hr>
Date: Thu, 02 Dec 2004 17:14:48 +0100
From: Ivan Voras <ivoras@fer.hr>
User-Agent: Mozilla Thunderbird 0.9 (X11/20041111)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: stable@freebsd.org
References: <41AE1B68.5040003@fer.hr>
	<20041202140527.GT72822@calleigh.elde.net>	<41AF3BE9.8050108@fer.hr>
	<20041202160752.GV72822@calleigh.elde.net>
In-Reply-To: <20041202160752.GV72822@calleigh.elde.net>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: More geom classes?
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Production branch of FreeBSD source code
	<freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Dec 2004 16:14:55 -0000

Terje Elde wrote:

 > ggate would be one option, but it'd be much nicer to have it as a
 > 'real' geom module.

It would, but I don't know enough to make a kernel module.

>>A password will still be required, for generating the random sequence...
> 
> 
> *cringe*
> 
> The only point of using such a XOR is to end up with an effective OTP (One
> Time Pad).  If you use a password as seed for a simple PRNG, then you're
> throwing away all the gain, and would be better off with GEOM BDE instead.
> 
> FreeBSD 5 has a seemingly very good yarrow-based entropy source.  Why not use
> that?
> 

I think I misunderstood something. Do you propose this (for 2 disks):

for each block to be written:
a) generate a block of random data
b) write random data to first disk
c) write random data xor user data to second disk

So, as long as any person has both disks, the data can be recovered. 
Where's the security in that?