From: rozhuk.im@gmail.com
To: 'Adam Nowacki'
Subject: RE: ChaCha8/12/20 and GEOM ELI tests
Date: Tue, 13 Jan 2015 09:54:53 +0300
List-Id: GEOM-specific discussions and implementations

> Maybe faster but a stream cipher is unusable for disk encryption - iv
> is derived from sector number and doesn't change. Being able to write a
> known plaintext and read resulting ciphertext allows you to recover the
> cipher stream and decrypt any past or future data stored on that
> sector.
> Also use of XTS in this context is a no-op since:
> plain text XOR tweak XOR cipher stream XOR tweak = plain text XOR
> cipher stream

Looks like you're right.
Shame on me.

1. ChaCha and XChaCha can be left in /dev/crypto for future applications.
2. Geom GELI can leave some small changes for the future - it will be easier to add XTS algorithms.
3. AES-XTS can work faster.
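
The keystream-reuse and tweak-cancellation points from the quoted reply, as an added Python sketch that is not part of the original message or of GELI. It assumes a SHAKE-256-based keystream as a stand-in for ChaCha; all function names, the key and the sector contents are constructed for illustration.

```python
import hashlib

SECTOR_SIZE = 512

def keystream(key: bytes, sector: int, length: int = SECTOR_SIZE) -> bytes:
    # Stand-in for ChaCha (assumption): a stream cipher maps (key, IV) to a
    # keystream. The IV depends only on the sector number, as in the message.
    iv = sector.to_bytes(8, "little")
    return hashlib.shake_256(key + iv).digest(length)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt_sector(key: bytes, sector: int, plaintext: bytes) -> bytes:
    return xor(plaintext, keystream(key, sector, len(plaintext)))

def encrypt_sector_tweaked(key: bytes, sector: int, tweak: bytes,
                           plaintext: bytes) -> bytes:
    # XTS-style wrapping: XOR the tweak in before and after the cipher step.
    # The cipher step is itself an XOR, so the two tweak XORs cancel.
    inner = xor(xor(plaintext, tweak), keystream(key, sector, len(plaintext)))
    return xor(inner, tweak)

def demo():
    key = bytes(range(32))                      # constructed key
    sector = 7
    secret = b"confidential record (constructed)".ljust(SECTOR_SIZE, b"\0")
    known = b"A" * SECTOR_SIZE                  # plaintext the observer chose

    c_secret = encrypt_sector(key, sector, secret)  # earlier sector contents
    c_known = encrypt_sector(key, sector, known)    # later write, same sector

    # known XOR ciphertext yields the sector's keystream without the key,
    # and that keystream decrypts every other ciphertext of this sector.
    recovered = xor(c_secret, xor(known, c_known))

    # The tweak changes nothing: the output equals the untweaked ciphertext.
    tweak = hashlib.sha256(b"tweak" + sector.to_bytes(8, "little")).digest() * 16
    c_tweaked = encrypt_sector_tweaked(key, sector, tweak, secret)

    # Only a different sector number (a different IV) changes the keystream.
    c_other = encrypt_sector(key, sector + 1, secret)
    return recovered == secret, c_tweaked == c_secret, c_other != c_secret

if __name__ == "__main__":
    print(demo())
```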