On Dec 15, 2021, at 17:09, Eric Biggers <ebiggers@xxxxxxxxxx> wrote: > On Mon, Dec 13, 2021 at 04:51:59PM -0800, Chang S. Bae wrote: >> == Disk Encryption Use Case == <snip> >> $ cryptsetup luksFormat --cipher="capi:xts-aes-aeskl-plain" <device> > > plain64 is supposed to be used these days, not plain. I see. >> == Non Use Cases == >> >> Bare metal disk encryption is the only use case intended by these patches. > > Since dm-crypt is the use case for these patches, you probably should CC this > patchset to dm-devel@xxxxxxxxxx so that the dm-crypt developers are aware of it. Oh, I should have included them. I was not aware of this mailing address. Hi DM-crypt folks, Here is the patch series: https://lore.kernel.org/lkml/20211214005212.20588-1-chang.seok.bae@xxxxxxxxx/t/ I would appreciate if you give any feedback on this feature’s use case with yours. >> +-----------+---------------+---------------+ >> | Cipher | Encryption | Decryption | >> | (AES-KL) | (MiB/s) | (MiB/s) | >> +-----------+---------------+---------------+ >> | AES-CBC | 505.3 | 2097.8 | >> | AES-XTS | 1130 | 696.4 | >> +-----------+-------------------------------+ > > Why is AES-XTS decryption so much slower than AES-XTS encryption? They should > be about the same. Analyzing and understanding this with specific hardware implementation takes time for us. Will come back and update you when we have anything to share here. > Also, is the AES-CBC support really useful, given that for disk encryption, > AES-XTS is recommended over AES-CBC these days? Yes, we understand that AES-XTS is the primary option for disk encryption. But it seems that AES-CBC had been used for disk encryption, [1]: Comparing XTS to CBC for hard disk encryption If a storage device vendor is seeking FIPS 140-2 certification today, they will typically use CBC encryption, or even ECB. CBC is a good mode, ... As long as it is factual that the mode was once popular, it can help somebody who wants to use Key Locker for an old disk image I think. Thanks, Chang [1] https://csrc.nist.gov/CSRC/media/Projects/Block-Cipher-Techniques/documents/BCM/Comments/XTS/XTS_comments-Ball.pdf