search

eternaltyro / cryptsetup

Since Google code is shuttering...
http://code.google.com/p/cryptsetup
GNU General Public License v2.0
0 stars 0 forks source link

Support for wide-block encryption #156

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
Yes, I have read various patent chats and rants.  Someone brings up the word 
"patent" and the discussion peters out.  Then next year someone starts the 
discussion again but nobody sees any new code.

EME2 (EME*) and XCB seem to be the nicest ones right now.  I have used EME 
since 2007 with loop-AES, but I want to migrate away from loop-AES because of 
maintenance required with loop.c and util-linux patches (and a couple of other 
issues).

So, if someone has code for cryptsetup and kernel, share here.

P1619.2 Wide-Block Encryption
http://siswg.net/index.php?option=com_content&task=view&id=36&Itemid=1
(xorPartial and multByAlpha can be made very fast by using 64bit operations in 
eme2-ref.c)

Original issue reported on code.google.com by hvtaifwk...@gmail.com on 24 Apr 2013 at 7:36

GoogleCodeExporter commented 9 years ago 
Yes, I fully agree (btw you mean discussion on dmcrypt list ~ Feb 2013?).

But this need to be implemented inside Linux kernel crypto API.

In fact, no change needed in dmcrypt/cryptsetup - once crypto API provides wide 
mode implementation, you can start to use it.

Anyway, I will keep this issue open, I would like to have some wide mode like 
EME2 in kernel as well, maybe we will find someone who has time to implement it 
:-)

BTW loop-AES directly supports EME? Or you need some separate patch for it? I 
do not remember it is there but I do not use it regularly...

Original comment by gmazyl...@gmail.com on 24 Apr 2013 at 8:51

GoogleCodeExporter commented 9 years ago 
[deleted comment]
GoogleCodeExporter commented 9 years ago 
Feb 2013, yes. Maybe also 2011.

I haven't read cryptsetup source code very closely, but it would not need any 
patches even if EME2 used 4096B sector size in kernel, you say?

I had to make patches to loop-AES+util-linux, IIRC the maintainer was a bit 
patent-averse, but otherwise helpful.

Original comment by hvtaifwk...@gmail.com on 24 Apr 2013 at 9:14

GoogleCodeExporter commented 9 years ago 
I meant wide mode for 512 bytes sector. Larger sector need patches (but 
independent from EME2 implementation).
(See Issue#150)

Original comment by gmazyl...@gmail.com on 24 Apr 2013 at 9:28