Announcement

**tildearrow** · 06 January 2019, 12:25 PM

Typo:

Originally posted by phoronix View Post

Adiantum can perform well on low-emd ARM Cortex processors,

**ebiggers** · 06 January 2019, 02:38 PM

I'll be working on some Adiantum fscrypt encrypted storage benchmarks soon.

Michael, a couple tips in case you don't know already --- for meaningful results, make sure to enable all the relevant accelerated crypto algorithms in the kernel config for each architecture: CONFIG_CRYPTO_AES_*, CONFIG_CRYPTO_NHPOLY1305_* and CONFIG_CRYPTO_CHACHA20_*. Also for each result, mention the algorithm implementation that fscrypt used, e.g. "adiantum(xchacha12-neon,aes-arm,nhpoly1305-neon)". You can get this by running dmesg | grep 'fscrypt: .* using implementation'.

Also in the event that you test Adiantum with dm-crypt too, note that with dm-crypt Adiantum is primarily intended to be used with a 4K dm-crypt sector size, not the default of 512. E.g. with cryptsetup v2.0.6+: cryptsetup luksFormat --type luks2 --sector-size 4096 -c xchacha12,aes-adiantum-plain64 -s 256 <device>

**linner** · 06 January 2019, 03:00 PM

This should be really good for people like me running encrypted disks connected directly to ARM-based routers.

Although one wonders how secure ChaCha really is. Anything that runs fast and efficient in software could possibly be attacked very quickly with high-end hardware.

**ebiggers** · 06 January 2019, 07:53 PM

Although one wonders how secure ChaCha really is. Anything that runs fast and efficient in software could possibly be attacked very quickly with high-end hardware.

Ciphers optimized for software aren't fundamentally less secure than ciphers optimized for hardware. If anything, the better performance allows doing more rounds in less time, increasing the cryptographic strength. In the case of ChaCha, the best known attack makes it through only 7 rounds, with a time complexity of 2²³⁵. Thus ChaCha12, the variant that Adiantum uses, actually has a higher security margin than AES-256. The Adiantum template in Linux may also be instantiated with ChaCha20, which has an even higher security margin.

**FlawlessVolcano** · 07 January 2019, 12:37 PM

ebiggers Did you considered to call it "Adamantium"? I bet it would boost it's popularity significantly.

**DrYak** · 15 January 2019, 06:30 AM

Adamantium will probably become the nick name of the Chacha20 variation :-D

**markbirss** · 11 February 2019, 08:29 AM

Hi, All

Wanted to ask if it would be possible to use the Poly1305 performance enhancement for CJDNS on ARM ?

cjdns/doc/Whitepaper.md at master · cjdelisle/cjdns

https://github.com/cjdelisle/cjdns/blob/master/doc/Whitepaper.md

An encrypted IPv6 network using public-key cryptography for address allocation and a distributed hash table for routing. - cjdelisle/cjdns

Announcement

Fscrypt's Adiantum Sent In For Linux 4.21 For Speedy Disk Encryption On Low-End Hardware

Fscrypt's Adiantum Sent In For Linux 4.21 For Speedy Disk Encryption On Low-End Hardware

Comment

Comment

Comment

Comment

Comment

Comment

Comment