On 9.4.2013 20:08, Mikulas Patocka wrote: > > > On Tue, 26 Mar 2013, Milan Broz wrote: > >> - Are we sure we are not inroducing some another side channel in disc >> encryption? (Unprivileged user can measure timing here). >> (Perhaps stupid reason but please do not prefer performance to security >> in encryption. Enough we have timing attacks for AES implementations...) > > So use serpent - it is implemented without any data-dependent lookup > tables, so it has no timing attacks.
I wish using something different than AES is just such simple technical issue for many people. But e.g. just try it in FIPS mode where AES is the only option:-) Anyway, using bio_associate_current() seems to be the right way to try now... Milan -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
