Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 27 Jul 2012 22:24:40 +0200 (CEST)
From:      Wojciech Puchar <wojtek@wojtek.tensor.gdynia.pl>
To:        Fabian Keil <freebsd-listen@fabiankeil.de>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: geli - selecting cipher
Message-ID:  <alpine.BSF.2.00.1207272219350.1795@wojtek.tensor.gdynia.pl>
In-Reply-To: <20120727182654.339ca39a@fabiankeil.de>
References:  <alpine.BSF.2.00.1207252055180.9814@wojtek.tensor.gdynia.pl> <201207260052.q6Q0qdss086796@mail.r-bonomi.com> <20120726031450.5c06dd61@gumby.homeunix.com> <juropu$hvb$1@dough.gmane.org> <20120727153612.1e69d8ec@gumby.homeunix.com> <20120727182654.339ca39a@fabiankeil.de>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
> Saying that geli's CBC implementation "is good enough" for someone
> seems to imply that it's somehow worse than XTS in general. Could you

true. i still don't really understand the difference.

I don't need actually anything other that inability to read data from my 
disk for a potential thief.


> The rationale of the change isn't clear to me either.
> Until recently I wasn't aware of the performance impact, though.

It is huge 5-8 times depending if you have hardware acceleration or not. 
AES-CBC is fast enough so encrypting SSD drives make sense.





Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.00.1207272219350.1795>