Re: filesystem encryption

New Message Reply About this list Date view Thread view Subject view Author view

Matt Blaze (mab@research.att.com)
Wed, 24 Jun 1998 13:52:26 -0400


My own experience with CFS is that, given modern (486 and later) processors,
multiple-megabyte memories, reasonable (cleartext-side) filesystem caching
algorithms, and typical (Unix, at least) user access patterms, ANY modern
cipher, even 3DES, is probably fine. I use CFS and 3DES for about half of my
home directory (which is NFS-mounted from a shared server), and I frankly
don't notice any difference between that and, say, SAFER (which CFS
also supports). The encypted directories are slower, but not so much
slower that I mind or especially notice.

On the other hand, performance for an encrypted disk device driver might be
another story altogether.

>
> Greg Rose writes:
> > mgraffam@mhv.net writes:
> > >Ok, so now I just gotta find a cipher that fits the Linux distribution
> > >model.. I figure Blowfish and SHA would work good here.. I have a
> > >feeling that ext2.c is not that pretty..
> >
> > Blowfish's "key schedule" is pretty big... I would consider SAFER for the
> > block cipher myself.
>
> How safe is "SAFER" anyway? Does anyone have good evidence on it?
>
> We have a number of interesting new algorithms that have been
> announced for the AES competition, some of which are quite fast and
> compact.
>
> Perry
>


New Message Reply About this list Date view Thread view Subject view Author view

 
All trademarks and copyrights are the property of their respective owners.

Other Directory Sites: SeekWonder | Directory Owners Forum

The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:18:58 ADT