[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: difference between jari's and hvr's package

Herbert, et al.:

	I must admit, I do not clearly understand why something such as
the CryptoAPI must live in kernel space? Can a user space implementation
of it not exist?

	Presuming for the sake of understanding that it does need to
live in kernel space, if it were written as a module (in much the same
way loop-aes is), could it not be made to support a plethora more
kernels?

	Can the CryptoAPI be made to work in user space?

	The problem (for me) is the fact that it is a kernel patch, and
I cannot just plug it into any kernel I need to use it with, this is not
a small issue, it is quite critical in my decision.


Very Respectfully, 

Stuart Blake Tener, IT3 (E-4), USNR-R, N3GWG 
Beverly Hills, California
VTU 1904G (Volunteer Training Unit) 
stuart@bh90210.net 
west coast: (310)-358-0202 P.O. Box 16043, Beverly Hills, CA 90209-2043 
east coast: (215)-338-6005 P.O. Box 45859, Philadelphia, PA 19149-5859 

Telecopier: (419)-715-6073 fax to email gateway via www.efax.com (it's
free!) 

JOIN THE US NAVY RESERVE, SERVE YOUR COUNTRY, AND BENEFIT FROM IT ALL. 

Tuesday, March 05, 2002 8:17 AM


-----Original Message-----
From: linux-crypto-bounce@nl.linux.org
[mailto:linux-crypto-bounce@nl.linux.org] On Behalf Of Herbert Valerio
Riedel
Sent: Tuesday, March 05, 2002 8:14 AM
To: Jari Ruusu
Cc: Newsmail; linux-crypto@nl.linux.org
Subject: Re: difference between jari's and hvr's package

On Tue, 2002-03-05 at 16:43, Jari Ruusu wrote:
> Because cryptoapi works with very limited set of kernels, and with
none of
> the ultra stable kernels. Loop-AES works with all maintained stable
kernels,
> including distro vendor kernels. Meaning that if you use cryptoapi,
HVR
> chooses your kernel for you. If you use loop-AES, crypto adapts to
_your_
> choice of kernel. That is a big difference.
...and with loop-aes, you choose the set of ciphers your users use...
;-)

btw, you should have mentioned also that loop-aes is only about the loop
block device... while cryptoapi is a _generic_ api, of which the
cryptoloop is only one of the possible kernel space applications...

> Another disadvantage that cryptoapi loop has, is the cryptoapi bloat
that
> makes it slower than loop-AES. Loop-AES does not use cryptoapi, and
that is
> a feature.
btw, I wondering, whether we have any objective measurements of the
overhead involved wrt using the additional abstraction layer w/
cryptoapi...

regards,
-- 
Herbert Valerio Riedel       /    Phone: (EUROPE) +43-1-58801-18840
Email: hvr@hvrlab.org       /    Finger hvr@gnu.org for GnuPG Public Key
GnuPG Key Fingerprint: 7BB9 2D6C D485 CE64 4748  5F65 4981 E064 883F
4142

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/