ChaCha8/12/20 and GEOM ELI tests

rozhuk.im at gmail.com
Tue Jan 13 06:54:59 UTC 2015


> Maybe faster but a stream cipher is unusable for disk encryption - iv
> is derived from sector number and doesn't change. Being able to write a
> known plaintext and read resulting ciphertext allows you to recover the
> cipher stream and decrypt any past or future data stored on that
> sector.
> Also use of XTS in this context is a no-op since:
> plain text XOR tweak XOR cipher stream XOR tweak = plain text XOR
> cipher stream


Looks like you're right.
Shame on me.

1. ChaCha and XChaCha can be left in /dev/crypto for future applications.
2. Geom GELI can leave some small changes for the future - it will be easier to add XTS algorithms.
3. AES-XTS can work faster.




