Date: Thu, 2 Dec 2004 17:07:52 +0100
From: Terje Elde <terje@elde.org>
To: Ivan Voras <ivoras@fer.hr>
Cc: freebsd-geom@freebsd.org
Subject: Re: More geom classes?
Message-ID: <20041202160752.GV72822@calleigh.elde.net>
In-Reply-To: <41AF3BE9.8050108@fer.hr>
References: <41AE1B68.5040003@fer.hr> <20041202140527.GT72822@calleigh.elde.net> <41AF3BE9.8050108@fer.hr>
On Thu, Dec 02, 2004 at 04:59:37PM +0100, Ivan Voras wrote:
> >One thing that would be funny is GEOM XOR, with the possibility of setting
> >up two (or more) volumes, such that you write random bytes to one drive,
> >and write the data xored with the random to the other.
>
> I could easily do that with ggate for fun, if somebody'll use it :) (Of
> course, performance will probably suck, it being in userland...)

ggate would be one option, but it'd be much nicer to have it as a 'real'
geom module.

> >Introduce RAID3 or 5 and add an extra disk, and you've got N-1 of M
> >redundancy in your heavily encrypted volume. ;)
>
> Oh yes :)
>
> A password will still be required, for generating the random sequence...

*cringe*

The only point of using such a XOR is to end up with an effective OTP (One
Time Pad). If you use a password as seed for a simple PRNG, then you're
throwing away all the gain, and would be better off with GEOM BDE instead.

FreeBSD 5 has a seemingly very good yarrow-based entropy source. Why not use
that?

The only known perfect encryption algorithm is OTP, assuming your input is
perfectly random. If you use a seeded PRNG, then you'd end up reducing the
security to that of a regular stream cipher.

Terje
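The distinction drawn in the message above, as an added example that is not part of the original e-mail or of any GEOM code: a two-volume XOR split where the pad comes from the OS entropy source, next to the same split with a password-seeded pad. Assumptions: a 512-byte sector, SHAKE-256 standing in for "a seeded PRNG", a constructed sample sector and password, and hypothetical function names.

```python
import hashlib
import secrets

SECTOR = 512  # sector size assumed for this illustration


def xor(a, b):
    if len(a) != len(b):
        raise ValueError("pad and data must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def split_random(sector):
    """Pad drawn from the OS entropy source: one fresh pad byte per data byte."""
    pad = secrets.token_bytes(len(sector))
    return pad, xor(sector, pad)  # (pad volume, data volume)


def seeded_pad(password, lba, length):
    """Pad expanded from a password; SHAKE-256 is a stand-in for a seeded PRNG."""
    seed = password.encode() + lba.to_bytes(8, "big")
    return hashlib.shake_256(seed).digest(length)


def split_seeded(sector, password, lba):
    pad = seeded_pad(password, lba, len(sector))
    return pad, xor(sector, pad)


def join(pad_share, data_share):
    """Reading a sector back needs both volumes in the random-pad case."""
    return xor(pad_share, data_share)


def recover_from_password(data_share, password, lba):
    """Seeded case: the pad volume is redundant, the password regenerates it."""
    return xor(seeded_pad(password, lba, len(data_share)), data_share)


def demo():
    sector = b"constructed sample sector".ljust(SECTOR, b"\0")
    pad1, data1 = split_random(sector)
    pad2, _ = split_random(sector)
    _, data_seeded = split_seeded(sector, "constructed-password", 0)
    return {
        "random_roundtrip": join(pad1, data1) == sector,
        "random_pads_differ": pad1 != pad2,
        "seeded_needs_only_password":
            recover_from_password(data_seeded, "constructed-password", 0) == sector,
    }


if __name__ == "__main__":
    print(demo())
```

In the seeded variant the whole pad volume carries no more secret material than the password, which is the reduction to an ordinary stream cipher described in the message.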