Message-ID: <4DB7E4AD.3030906@redhat.com>
Date: Wed, 27 Apr 2011 11:41:01 +0200
From: Milan Broz
Subject: Re: [dm-crypt] Use of GCM mode with dm-crypt
To: Samantha Adams
Cc: dm-crypt@saout.de

On 04/27/2011 10:40 AM, Samantha Adams wrote:
> I would like to continue the post from December 2010 concerning GCM
> as it seems to be one of the few available modes to provide data
> integrity.
>
> It is true that GCM adds the authentication tag in every sector and as
> a result we are going to have a sector bigger in size. So, it makes it
> unsuitable for use with dmcrypt.

Exactly. dmcrypt provides just transparent encryption, so the ciphertext
device and plaintext device are of the same size; we have no space to
store the authentication tag.

> But is it possible to allocate some space elsewhere for the tag ? Are
> there any possible modifications we could make so we could use gcm
> with dmcrypt ?

Basically it would be a new encryption DM target (it can share code but
the mapping here is different). The crucial question is where you want
to store the authentication tag... If there is some standard way,
perhaps it can be done.

But isn't it better to provide these integrity services to the filesystem
on top of dmcrypt? (so the fs can allocate blocks storing integrity info)

Milan