On Nov 16, 2010, at 05:09, Darren J Moffat wrote:
Both CCM[1] and GCM[2] are provided so that if one turns out to have
flaws hopefully the other will still be available for use safely
even though they are roughly similar styles of modes.
On systems without hardware/cpu support for Galios multiplication
(Intel Westmere and later and SPARC T3 and later) GCM will be slower
because the Galios field multiplication has to happen in software
without any hardware/cpu assist. However depending on your workload
you might not even notice the difference.
Both modes of operation are authenticating. At one point the design of
ZFS crypto had the checksum automatically go to SHA-256 when it was
enabled. [1] Is "SHA activation" still the case, or are the two modes
of operations simply used in themselves to verify data integrity?
Also, are slog and cache devices encrypted at this time? Given a pool,
and the fact that only particular data sets on it could be encrypted,
would these special devices be entirely encrypted, or only data from
the particular encrypted data set/s? I would also assume the in-memory
ARC would be clear-text.
[1] http://tinyurl.com/2asc3y5
[1]
http://arc.opensolaris.org/caselog/PSARC/2007/261/inception.materials/zfs-crypto-design.pdf
_______________________________________________
zfs-discuss mailing list
zfs-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
