Hi, I am a PhD student and works and I am working with cryptsetup and a hw crypto engine. I am using an ATMEL board which is able to do AES-ECB mode for example. We have implemented an XTS version with all operations (XOR, GF Multiplication, 2 AES : one for IV one for data...) My question is can we use the page size instead of the block size of 512 bytes ? I have read some thread it is written that it could be a security issue but I don't agree because : Now to implement XTS I do as follows basically : I take the IV encrypt it with the second part of the key, then I compute the 32 tweaks values in -for example- an array tweak_buf[512]. Then I just have to compute the XOR with plaintext. I do a DMA encryption with ECB of the 512 bytes. Again I xor the ciphered data with tweak_buf. Then I have ciphered a whole block of 512 bytes. Now my question, the hardware is supporting a DMA operation till 4096, is it not interesting to encrypt 8 blocks at a time ? It is exactly the same operation as encrypting each block consecutively. Of course I need to pre-compute the 8 tweak_buf in a big tweak_buf[4096].Then in only one DMA operation I will be able to encrypt 4096 bytes with ECB mode. I hope you understand what I mean. Can you tell me if it is possible ? If yes can I use a previous patch, I have seen that there are some works on it ? Thank you. _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
