[dm-crypt] Using GCM mode with dm-crypt?
Arno Wagner
arno at wagner.name
Fri Dec 31 15:29:06 CET 2010
Are you sure it is faster? Looks slower to me, especially as
paralellism in disk encryption should be done on sector-level
anyways.
Also, it seems to require additional authentication data
(the Tag t), which makes it unsuitable for 1:1 sector
mapping.
Arno
On Fri, Dec 31, 2010 at 02:14:14PM +0300, Igor Novgorodov wrote:
> From what i've read this mode is faster than CBC due to some
> parallelism, and it's accelerated by newer Intel's PCLMUL
> instructions.
>
> But it seems that AES/GCM mode is used only with IPSEC and such.
>
> Is there any particular reason we cannot use it with disk encryption?
>
> --
> ? ?????????,
> Igor mailto:igor at novg.net
> _______________________________________________
> dm-crypt mailing list
> dm-crypt at saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
--
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno at wagner.name
GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
If it's in the news, don't worry about it. The very definition of
"news" is "something that hardly ever happens." -- Bruce Schneier
More information about the dm-crypt
mailing list