[dm-crypt] Use of GCM mode with dm-crypt

Milan Broz mbroz at redhat.com
Wed Apr 27 11:41:01 CEST 2011


On 04/27/2011 10:40 AM, Samantha Adams wrote:
> I would like to continue the post from December 2010 concerning GCM
> as it seems to be one of the few available modes to provide data
> integrity.
> 
> It is true that GCM adds the authentication tag in every sector and as
> a result we are going to have a sector bigger in size. So, it makes it
> unsuitable for use with dmcrypt.

Exactly. dmcrypt provides just transparent encryption, so the ciphertext
device and plaintext device are of the same size; we have no space
to store the authentication tag in.

> But is it possible to allocate some space elsewhere for the tag? Are
> there any possible modifications we could make so we could use gcm
> with dmcrypt?

Basically it would be a new encryption DM target (it can share code
but the mapping here is different).

The crucial question is where you want to store the authentication tag...
If there is some standard way, perhaps it can be done.

But isn't it better to provide these integrity services to the filesystem
on top of dmcrypt? (so the fs can allocate blocks storing integrity info)

Milan
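
The "different mapping" discussed in this message, worked through as an added example that is not part of the original post and is not dm-crypt code: one hypothetical on-disk layout that makes room for per-sector tags by placing a tag sector in front of every run of data sectors. The 512-byte sector, 16-byte tag, interleaved layout and all names below are assumptions.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed parameters: 512-byte sectors, 16-byte (128-bit) GCM tags. */
#define SECTOR_SIZE      512u
#define TAG_SIZE         16u
#define TAGS_PER_SECTOR  (SECTOR_SIZE / TAG_SIZE)   /* 32 tags per tag sector */
#define GROUP_SECTORS    (TAGS_PER_SECTOR + 1u)     /* 1 tag sector + 32 data */

struct sector_map {
    uint64_t data_sector;  /* physical sector holding the ciphertext */
    uint64_t tag_sector;   /* physical sector holding this group's tags */
    uint32_t tag_offset;   /* byte offset of the tag inside tag_sector */
};

/* Logical (plaintext) sectors exposed by a device of phys_sectors. */
static uint64_t usable_sectors(uint64_t phys_sectors)
{
    uint64_t groups = phys_sectors / GROUP_SECTORS;
    uint64_t rest = phys_sectors % GROUP_SECTORS;
    /* A partial trailing group needs its tag sector plus >= 1 data sector. */
    uint64_t tail = rest >= 2 ? rest - 1 : 0;
    return groups * TAGS_PER_SECTOR + tail;
}

/* Map a logical sector to where its ciphertext and tag live on disk. */
static struct sector_map map_sector(uint64_t logical)
{
    uint64_t group = logical / TAGS_PER_SECTOR;
    uint32_t idx = (uint32_t)(logical % TAGS_PER_SECTOR);
    struct sector_map m;
    m.tag_sector = group * GROUP_SECTORS;
    m.data_sector = m.tag_sector + 1 + idx;
    m.tag_offset = idx * TAG_SIZE;
    return m;
}

int main(void)
{
    uint64_t phys = 2048; /* constructed example: 1 MiB backing device */
    struct sector_map m = map_sector(33);
    printf("%" PRIu64 " physical -> %" PRIu64 " usable sectors\n",
           phys, usable_sectors(phys));
    printf("logical 33 -> data %" PRIu64 ", tag sector %" PRIu64 " +%u\n",
           m.data_sector, m.tag_sector, (unsigned)m.tag_offset);
    return 0;
}
```

With this layout the plaintext device is smaller than the ciphertext device, and every logical write touches two physical sectors, which is why it cannot be a drop-in mode of the existing same-size mapping.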

