Problems with migration from SuSE's loop_twofish to loop-AES

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,

I have been using SuSE 7.1 with an updated kernel 2.4.16-4GB from SuSE
including loop_fish2 module. I have an encrypted partition using the
SuSE twofish module. The fstab-entry for ot looks like this:

/dev/hdd2	/mnt/	reiserfs	loop,encryption=twofish,noauto,user 1 2

As you can see, I am using reiserfs instead of ext2, as stated in
the loop-AES READMEs. This works just fine.

The problem is that I want to migrate to Debian Woody 3.0r0. I am using
Debians kernel 2.4.20 with loop-AES v1.7a and ciphers-v1.1a and
util-linux-2.11.y. All the components work very well, loop-AES is
very fast, even with AES256. But I am not able to mount the
encrypted partition when running Debian with loop-AES. I already
tried all possible options, this means

losetup -e twofish(128|196|256) with and without -H and -I options

mount ..... -o loop,encryption=all three twofishes, with and without phash 
(all possible values) and loinit (both values) (I used the readonly switch
in all cases, of course.)

but I just can not mount the device. Something seems to be wrong
with the decryption, because if I look at the loopdevice with

cat /dev/loopX | od -s 

from inside the running SuSE system there are many "ReIsErFS" strings on the loop-device,
which seems to some ReiserFS header. But in all above mentioned cases doing this
when running from Debian with loop-AES twofish I don't get ANY ReiserFS strings.

Another strange thing I do not understand is when I do a

head -c15 /dev/urandom | uuencode -m - | head -2 | tail -1 \
	| losetup -p 0 -e AESxxx /dev/loopX /dev/hdaX
time dd if=dev/zero of=dev/loopX bs=4k conv=notrunc 2>/dev/null

the used time is always the same, regerdles if using AES128, AES192 or AES256. So
obviously the harddisk is the bottleneck here. But WHY is the idle-time,
as shown by top in all three cases at 82% on my PIII-500MHz machine? Shouldn't
AES192 use more cycles then AES128, and AES256 more than AES192? Is something
going wrong here?

I am absolutely clueless, PLEASE HELP!

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/
[Index of Archives]     [Kernel]     [Linux Crypto]     [Gnu Crypto]     [Gnu Classpath]     [Netfilter]     [Bugtraq]
  Powered by Linux