On Mon, Dec 1, 2014 at 4:39 AM, Austin S Hemmelgarn <ahferroin7@xxxxxxxxx> wrote: > Just because it's a filesystem doesn't always mean that speed is the most > important thing. Personally, I can think of multiple cases where using a > cryptographically strong hash would be preferable, for example: > * On an fs used solely for backup purposes > * On a fs used for /boot > * On an fs spread across a very large near-line disk array and mounted > by a system with a powerful CPU > * Almost any other case where data integrity is more important than > speed What does data integrity have to do with whether the hash is cryptographic or not? The primary difference between a cryptographic and non-cryptographic hash is that the non-cryptographic hash can be easily guessed / predicted (eg., an attack to deliberately create collisions) whereas the cryptographic hash cannot (given reasonable assumptions of CPU power). For filesystem checksums it is difficult to imagine a deliberate attack on the checksums. Consequently, the only really important quality for the hash besides speed is collision resistance. The non-crypto hashes that I have mentioned in this thread have excellent collision resistant properties. > The biggest reason to use the in-kernel Crypto API though, is that it gives > a huge amount of flexibility, and provides pretty much transparent > substitution of CPU optimized versions of the exported hash functions (for > example, you don't have to know whether or not your processor supports > Intel's CRC32 ISA extensions). Which is worse than useless if the CPU-optimized crypto hash is slower than the default non-crypto hash, and that will almost always be the case. Besides, there is nothing magic happening in the Crypto API library. If you implement your own hash, you can easily do a few checks and choose the best code for the CPU. -- To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
