Re: [RFC PATCH v2 00/12] crypto: Adiantum support

2018-11-19 Thread Jason A. Donenfeld
On Mon, Nov 19, 2018 at 9:05 PM Milan Broz wrote: > p.s. > Reading the discussion about Zinc/Adiantum - I would perhaps prefer to merge > Adiantum first (if it is ready). > It is a new feature, I see it as useful cipher alternative for dm-crypt and > it can be > easily backported without Zinc to o

Re: [RFC PATCH v2 00/12] crypto: Adiantum support

2018-11-19 Thread Milan Broz
Hi, On 19/11/2018 20:28, Eric Biggers wrote: > Note that Adiantum benchmarks on x86 are misleading at the moment, since the > initial kernel patchset doesn't include SSE2 and AVX2 optimized XChaCha and > NHPoly1305. To start, only C and arm32 NEON implementations are included. > Hence, on x86 Adi

Re: [RFC PATCH v2 00/12] crypto: Adiantum support

2018-11-19 Thread Eric Biggers
Hi Milan, On Sat, Nov 17, 2018 at 11:29:23AM +0100, Milan Broz wrote: > On 16/11/2018 22:52, Eric Biggers wrote: > > Hi Milan, > > > > On Sat, Oct 20, 2018 at 12:26:20PM +0200, Milan Broz wrote: > >> > >> Adiantum (as in your current git branches on kernel.org) can be used for > >> dm-crypt > >>

Re: [RFC PATCH v2 00/12] crypto: Adiantum support

2018-11-17 Thread Milan Broz
On 16/11/2018 22:52, Eric Biggers wrote: > Hi Milan, > > On Sat, Oct 20, 2018 at 12:26:20PM +0200, Milan Broz wrote: >> >> Adiantum (as in your current git branches on kernel.org) can be used for >> dm-crypt >> without any changes (yes, I played with it :) and with some easy tricks >> directly >

Re: [RFC PATCH v2 00/12] crypto: Adiantum support

2018-11-16 Thread Eric Biggers
Hi Milan, On Sat, Oct 20, 2018 at 12:26:20PM +0200, Milan Broz wrote: > > Adiantum (as in your current git branches on kernel.org) can be used for > dm-crypt > without any changes (yes, I played with it :) and with some easy tricks > directly > through cryptsetup/LUKS as well. > > I think we s

Re: [RFC PATCH v2 00/12] crypto: Adiantum support

2018-10-22 Thread Paul Crowley
On Sun, 21 Oct 2018 at 15:52, Jason A. Donenfeld wrote: > > [1] Originally we were going to define Adiantum's hash function to be > > Poly1305(message_length || tweak_length || tweak || NH(message)), which > > would have made it desirable to export the Poly1305 state before NH, so > > tha

Re: [RFC PATCH v2 00/12] crypto: Adiantum support

2018-10-22 Thread Tomer Ashur
> On 19-Oct-18 8:19 PM, Paul Crowley wrote: >> I would prefer not to wait. Unlike a new primitive whose strength can >> only be known through attempts at cryptanalysis, Adiantum is a >> construction based on >> well-understood and trusted primitives; it is secure if the proof >> accompanying it is

Re: [RFC PATCH v2 00/12] crypto: Adiantum support

2018-10-21 Thread Jason A. Donenfeld
Hey Eric, On Mon, Oct 22, 2018 at 12:23 AM Eric Biggers wrote: > I started a branch based on Zinc: Nice to see. I'm heading to bed in a second, so I'll give this a thorough read-through tomorrow, but some preliminary notes on your comments: > For Poly1305, for now I decided to just use the exis

Re: [RFC PATCH v2 00/12] crypto: Adiantum support

2018-10-21 Thread Eric Biggers
On Fri, Oct 19, 2018 at 12:04:11PM -0700, Eric Biggers wrote: > Hi Jason, > > On Fri, Oct 19, 2018 at 05:58:35PM +0200, Jason A. Donenfeld wrote: > > Hello Eric, > > > > > As before, some of these patches conflict with the new "Zinc" crypto > > > library. But I don't know when Zinc will be merge

Re: [RFC PATCH v2 00/12] crypto: Adiantum support

2018-10-20 Thread Jason A. Donenfeld
Hi Milan, On Sat, Oct 20, 2018 at 12:53 PM Milan Broz wrote: > Does it mean, that if Adiantum is based on Zinc, it can be no longer used > for FDE (dm-crypt)? IOW only file-based encryption is possible? No, don't worry. All I had in mind was the software implementations of chacha12 and so forth.

Re: [RFC PATCH v2 00/12] crypto: Adiantum support

2018-10-20 Thread Milan Broz
On 19/10/2018 21:04, Eric Biggers wrote: > Hi Jason, > > On Fri, Oct 19, 2018 at 05:58:35PM +0200, Jason A. Donenfeld wrote: >> Hello Eric, >> >>> As before, some of these patches conflict with the new "Zinc" crypto >>> library. But I don't know when Zinc will be merged, so for now I've >>> conti

Re: [RFC PATCH v2 00/12] crypto: Adiantum support

2018-10-19 Thread Eric Biggers
Hi Ard, On Sat, Oct 20, 2018 at 11:24:05AM +0800, Ard Biesheuvel wrote: > On 20 October 2018 at 02:19, Paul Crowley wrote: > > On Fri, 19 Oct 2018 at 08:58, Jason A. Donenfeld wrote: > >> Before merging this into the kernel, do you want to wait until you've > >> received some public review from

Re: [RFC PATCH v2 00/12] crypto: Adiantum support

2018-10-19 Thread Ard Biesheuvel
On 20 October 2018 at 02:19, Paul Crowley wrote: > On Fri, 19 Oct 2018 at 08:58, Jason A. Donenfeld wrote: >> Before merging this into the kernel, do you want to wait until you've >> received some public review from academia? > > I would prefer not to wait. Unlike a new primitive whose strength c

Re: [RFC PATCH v2 00/12] crypto: Adiantum support

2018-10-19 Thread Eric Biggers
Hi Jason, On Fri, Oct 19, 2018 at 05:58:35PM +0200, Jason A. Donenfeld wrote: > Hello Eric, > > > As before, some of these patches conflict with the new "Zinc" crypto > > library. But I don't know when Zinc will be merged, so for now I've > > continued to base this patchset on the current 'crypt

Re: [RFC PATCH v2 00/12] crypto: Adiantum support

2018-10-19 Thread Paul Crowley
On Fri, 19 Oct 2018 at 08:58, Jason A. Donenfeld wrote: > Before merging this into the kernel, do you want to wait until you've > received some public review from academia? I would prefer not to wait. Unlike a new primitive whose strength can only be known through attempts at cryptanalysis, Adian

Re: [RFC PATCH v2 00/12] crypto: Adiantum support

2018-10-19 Thread Jason A. Donenfeld
Hello Eric, > As before, some of these patches conflict with the new "Zinc" crypto > library. But I don't know when Zinc will be merged, so for now I've > continued to base this patchset on the current 'cryptodev'. I'd appreciate it if you waited to merge this until you can rebase it on top of Z