Re: Committing PEFS to CURRENT

From: John-Mark Gurney <jmg_at_funkthat.com>
Date: Mon, 7 Oct 2013 16:17:34 -0700
Gleb Kurtsou wrote this message on Mon, Oct 07, 2013 at 09:31 -0700:
> Patch is available here:
> https://github.com/glk/freebsd-head/commit/b4d2c4a5f42f88fdd07cb75feba3467e4d4c043c.patch

Is there a reason you are writing your own AES-NI implementation instead
of using the OpenCrypto framework?

I updated the kernel's AES-NI implementation to have a very fast
AES-XTS...   Upon looking at your implementation, you have a very
slow implementation as you do not pipeline AES-XTS at all...  Please
switch to using the opencrypto version..  You'll then be able to make
use of any accelerators that other platforms may have...

Are there plans to add authentication to this scheme?  See that as a
todo, but w/o authentication, you can't store anything reliably on it..
And w/ XTS, the attacker can take pot shots at your file in 16 byte
chuncks...

The only reason I'm running zfs on geli w/o authentication is that I'm
using a 256bit checksum, so the chances of someone modifing two blocks
to fool zfs into decrypting the correct new checksum value for their
modified block is very small...  In short, I'm trusting zfs to do the
authentication for me...

-- 
  John-Mark Gurney				Voice: +1 415 225 5579

     "All that I will do, has been done, All that I have, has not."
Received on Mon Oct 07 2013 - 21:17:36 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:42 UTC