Subject: Re: Encrypted compressed vnds
To: Stephen Borrill <>
From: Bill Studenmund <>
List: tech-kern
Date: 08/07/2006 20:38:49
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Aug 07, 2006 at 10:29:49AM +0100, Stephen Borrill wrote:
> You may remember a discussion about encryption of compressed vnds that I=
> started:
> No simple effective solution was proposed (compressing a cgd-on-vnd isn't=
> going to give good compression), so I've decided to go with my original=
> plan and implement DES encryption in the compression part of the vnd=20
> driver.

I think this is a bad idea, for similar reasons to the ones others ahve=20
raised. I agree that it's better to compress before encrypting, but vnd=20
isn't the place.

I think this is a bad idea for two clear reasons. The first is that adding=
a compressing layer, which'd be stacked above the cgd layer, is a clean,=20
extensible architecture.

The second one is that we have already had issues wit cgd's design, which=
we have fixed. The point is that doing crypto right isn't easy. One=20
algorithm won't cut it. Today, someone will need more security and someone=
else will need more performance. And as time goes by, algorithms that are=
fine now will be considered inappropriate and later they will be=20
considered insecure.

To really do this nearly-right, you'll have to reimplement cgd. That's not=
a good idea. A compression stacking layer sounds like a much more useful=20

Take care,


Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.4.3 (NetBSD)