svnd vs softraid for encrypting /home et al

In message <http://marc.info/?l=openbsd-misc&m=125695406905777&w=1>
Ted Unangst wrote (commenting on using svnd for encrypting /home on an OpenBSD laptop)
> 2. People should be advised to use softraid crypto now.

I'd like to ask a more general question: what are the tradeoffs between svnd and softraid for this sort of application (encrypting /home or some other piece(s) of a laptop's disk)?

Please note I am *not* trying to be argumentative here -- I would genuinely like to find out more about the tradeoffs. I currently have multiple svnd-encrypted filesystems (on 2 laptops + 2 external backup disks), and I'd like to make an informed decision about whether to stay with svnd for these, or start planning a move to softraid.

I've read the basic FMs svnd(4), vnconfig(8), softraid(4), and bioctl(8), and I've browsed /usr/src/sys/dev/{vnd.c,softraid_crypto.c}. And I understand (and 100% agree with) Ted's comment
> 4. If you stick with vnconfig, I'd make a slightly bigger deal about
> backing up the salt. People may have a tendency to copy the vnd
> backing file as a backup, omitting the salt, which makes it impossible
> to restore. softraid stores the salt with the raidinfo, so you
> whatever you're doing for backup, you aren't as likely to omit it.

Are there other FMs I should R to learn more?

ciao,

--
-- "Jonathan Thornburg [remove -animal to reply]" <jthorn@...>
   Dept of Astronomy, Indiana University, Bloomington, Indiana, USA
   "C++ is to programming as sex is to reproduction. Better ways might
   technically exist but they're not nearly as much fun." -- Nikolai Irgens

Re: svnd vs softraid for encrypting /home et al

On Mon, Nov 2, 2009 at 5:28 PM, Jonathan Thornburg <jthorn@...> wrote:
> In message <http://marc.info/?l=openbsd-misc&m=125695406905777&w=1>
> Ted Unangst wrote (commenting on using svnd for encrypting /home on
> an OpenBSD laptop)
>> 2. People should be advised to use softraid crypto now.
>
> I'd like to ask a more general question: what are the tradeoffs between
> svnd and softraid for this sort of application (encrypting /home or
> some other piece(s) of a laptop's disk)?

First, svnd support is not going anywhere or changing. So if you use it, there's no need to migrate unless you want to.

softraid offers a few advantages.

1. Better crypto. The crypto algorithm currently used by softraid is designed a little better. It could, in theory, also use hardware, except the choice of algorithm actually prevents that. doh. At the very least, if you decided you needed hardware acceleration, a small change to the code would enable it, whereas with svnd it's a pretty major change.

2. Efficiency. The filesystem in a filesystem incurs more overhead. There's also the fact that svnd goes through the crazy parts of the buffer layer more than you probably want to. Not a big deal, you probably don't notice it much.

3. Administration. softraid is still under development, and the tools and support for it will continue to improve. In particular, without making promises, softraid autodiscovery is a possibility and will likely work better than anything you cook up with vnconfig.

The only advantage I can think of for svnd is that it's stabler code and won't be changing in the future, but that's exactly what makes softraid better. Today, they are about equal, but softraid support is going to get better, svnd will not.

Re: svnd vs softraid for encrypting /home et al

Hi,

On Mon, 2 Nov 2009 21:35:45 -0400 Ted Unangst <ted.unangst@...> wrote:
> softraid offers a few advantages.
>
> 1. Better crypto. The crypto algorithm currently used by softraid is
> designed a little better. It could, in theory, also use hardware,
> except the choice of algorithm actually prevents that. doh. At the
> very least, if you decided you needed hardware acceleration, a small
> change to the code would enable it, whereas with svnd it's a pretty
> major change.
>
> 2. Efficiency. The filesystem in a filesystem incurs more overhead.
> There's also the fact that svnd goes through the crazy parts of the
> buffer layer more than you probably want to. Not a big deal, you
> probably don't notice it much.
>
> 3. Administration. softraid is still under development, and the
> tools and support for it will continue to improve. In particular,
> without making promises, softraid autodiscovery is a possibility and
> will likely work better than anything you cook up with vnconfig.
>
> The only advantage I can think of for svnd is that it's stabler code
> and won't be changing in the future, but that's exactly what makes
> softraid better. Today, they are about equal, but softraid support is
> going to get better, svnd will not.

I have one advantage to mention: I have done some comparison measurements (with bonnie benchmark) and some self-written dd scripts under 4.5 - result: in my setup svnd seems to be much faster. I think this is maybe related to the 1. point because (better) crypto is slow(er).

Regards,
Joerg

Re: svnd vs softraid for encrypting /home et al

On Wed, Nov 4, 2009 at 12:02 PM, umaxx <umaxx@...> wrote:
> I have one advantage to mention:
> I have done some comparison measurements (with bonnie benchmark) and
> some self-written dd scripts under 4.5 - result: in my setup svnd seems to be
> much faster.
> I think this is maybe related to the 1. point because (better) crypto is slow(er).

I find svnd to be fast as well. I use it on notebooks and underpowered Celeron CPUs and the encryption overhead is imperceptible. I also like the fact that I can copy the encrypted containers from one OpenBSD install to the other.

For now, I plan to stick with vnconfig. Only /, /usr and /var are clear text on my laptops and I'm OK with that. /home is encrypted, swap is encrypted and /tmp is in memory. So I still have some privacy.

Brad

Re: svnd vs softraid for encrypting /home et al

On Wed, Nov 04, 2009 at 07:02:54PM -0500, Brad Tilley wrote:
> ...Only /,
> /usr and /var are clear text on my laptops and I'm OK with that. /home
> is encrypted, swap is encrypted and /tmp is in memory. So I still have
> some privacy.

Did you forget /var/tmp? :)

Re: svnd vs softraid for encrypting /home et al

On 22:10, Wed 04 Nov 09, Josh Grosse wrote:
> On Wed, Nov 04, 2009 at 07:02:54PM -0500, Brad Tilley wrote:
> > ...Only /,
> > /usr and /var are clear text on my laptops and I'm OK with that. /home
> > is encrypted, swap is encrypted and /tmp is in memory. So I still have
> > some privacy.
>
> Did you forget /var/tmp? :)

and /var is used for more. On my laptop I have MySQL running, for instance, to do web development and that stores databases inside var (including the data .....)

Leaving /var unencrypted while encrypting /tmp and /home is not good.

--
Michiel van Baak
michiel@...
http://michiel.vanbaak.eu
GnuPG key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x71C946BD
"Why is it drug addicts and computer aficionados are both called users?"