DragonFlyBSD Lands "Next-Gen" Disk Encryption Code
a year ago
- #DiskEncryption
- #DragonFlyBSD
- #OpenSource
- DragonFlyBSD has merged dm_target_crypt_ng, a next-generation disk encryption implementation.
- The new implementation is compatible with Linux's dm-crypt and improves interactivity and performance.
- It replaces the older asynchronous opencrypto/cryptodev with a simplified API for symmetric block ciphers.
- The system now uses two worker pools for read and write requests, improving fairness and performance.
- Initial support includes AES-CBC and AES-XTS, with plans to add Twofish and Serpent ciphers.
- Users can test the new module by adding 'dm_target_crypt_ng_load=YES' to /boot/loader.conf.
- The old dm_target_crypt will be removed after further testing and feedback.
- Follow-up patches have refactored crypto ciphers and improved the cipher API.
- DragonFlyBSD's next release is expected to include this feature along with other enhancements.