On 18/11/2010 03:55, grarpamp wrote:
One reason you may want to select aes-128-gcm rather than aes-128-ccm is
that GCM is one of the modes for AES in NSA Suite B[3], but CCM is not.
Are there symmetric algorithms other than AES that are of interest ?
How might AES-XTS [1] be able to fit into the the ZFS picture?
It doesn't. We don't need it because we don't need to have the
ciphertext the same size as the plaintext because we have space to store
a sufficiently large MAC (and store an IV as well). This is why CCM and
GCM were chosen rather than XTS or EME2.
Additionally given the user may wish to trade off compression, dedup,
the number of encryptable blocks [2], etc for any particular selectable
algorithm.
We don't need to make those compromises in ZFS, you can compress and
encrypt and dedup (it happens in that order).
http://blogs.sun.com/darren/entry/compress_encrypt_checksum_deduplicate_with
For changing the encryption key see the discussion of 'zfs key -K' in
the zfs(1M) man page:
http://docs.sun.com/app/docs/doc/821-1462/zfs-1m?l=en&a=view
--
Darren J Moffat
_______________________________________________
zfs-discuss mailing list
zfs-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
