On 11/15/10 19:36, David Magda wrote:
On Mon, November 15, 2010 14:14, Darren J Moffat wrote:
Today Oracle Solaris 11 Express was released and is available for
download[1], this release includes on disk encryption support for ZFS.
Using ZFS encryption support can be as easy as this:
# zfs create -o encryption=on tank/darren
Enter passphrase for 'tank/darren':
Enter again:
Looking forwarding to playing with it. Some questions:
1. Is it possible to do a 'zfs create -o encryption=off
tank/darren/music' after the above command? I don't much care if my MP3s
are encrypted. :)
No, all child filesystems must be encrypted as well. This is to avoid
problems with mounting during boot / pool import. It is possible this
could be relaxed in the future but it is highly dependent on some other
things that may not work out.
2. Both CCM and GCM modes of operation are supported: can you recommended
which mode should be used when? I'm guessing it's best to accept the
default if you're not sure, but what if we want to expand our knowledge?
You've preempted my next planned posting ;-) But I'll attempt to give
an answer here:
'on' maps to aes-128-ccm, because it is the fastest of the 6 available
modes of encryption currently provided. Also I believe it is the
current wisdom of cryptographers (which I do not claim to be) that AES
128 is the preferred key length due to recent discoveries about AES 256
that are not know to impact AES 128.
Both CCM[1] and GCM[2] are provided so that if one turns out to have
flaws hopefully the other will still be available for use safely even
though they are roughly similar styles of modes.
On systems without hardware/cpu support for Galios multiplication (Intel
Westmere and later and SPARC T3 and later) GCM will be slower because
the Galios field multiplication has to happen in software without any
hardware/cpu assist. However depending on your workload you might not
even notice the difference.
One reason you may want to select aes-128-gcm rather than aes-128-ccm is
that GCM is one of the modes for AES in NSA Suite B[3], but CCM is not.
Are there symmetric algorithms other than AES that are of interest ?
The wrapping key algorithm currently matches the data encryption key
algorithm, is there interest in providing different wrapping key
algorithms and configuration properties for selecting which one ? For
example doing key wrapping with an RSA keypair/certificate ?
[1] http://en.wikipedia.org/wiki/CCM_mode
[2] http://en.wikipedia.org/wiki/Galois/Counter_Mode
[3] http://en.wikipedia.org/wiki/NSA_Suite_B_Cryptography
--
Darren J Moffat
_______________________________________________
zfs-discuss mailing list
zfs-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
