Project Description
Implement a checksum algorithm for BTRFS that uses and authenticated (keyed) hash. There are 2 cryptographically secure hashes supported by btrfs, sha256 and blake2b.
Status: prototypes exist for most of the goals below, need polishing and testing
Goal for this Hackweek
This has been ongoing, there's prototype for the kernel side but is not complete and does not cover the whole use case. One drawback for the key requirement is that there's no way to verify the data/metadata validity without it. To address that, combine authenticated hash and a regular checksum into (e.g. split the 256 bits to 224 bits for sha256 and 32 bits for crc32c). To allow a use case with authenticated hash but without the private key stored on the host explore the public key signature for checksum.
- implement the basic authenticated hashes
- implement the combined authenticated and secondary hash
- finalize the interfaces (command line options, mount options), support for all commands
- bonus goal 1: implement checksum based on public key signature (DSA)
- bonus goal 2: prototype using blake3 and xxh3 as another types of cryptographic and checksum algorithms
Progress
- refactoring old branches, refreshing on to newer base (auth, auth+sum)
- implementing auth+sum in progs
- public key signature (example): implementing ->sign for ecdsa with p-256 curve
- XXH3 in kernel does not seem to be better than xxh64 (https://github.com/Cyan4973/xxHash/issues/793), the user space implementation heavily relies on SSE2 which is not easily available in kernel (FPU context switch overhead)
Resources
Code is in git but still quite messy and WIP.
Looking for hackers with the skills:
This project is part of:
Hack Week 22
Activity
Comments
Be the first to comment!
Similar Projects
Improve Qualcomm SOC msm8994/msm8992 kernel mainline support by pvorel
Project Description
Due previous hackweek...
Testing and adding GNU/Linux distributions on Uyuni by juliogonzalezgil
Join the Gitter channel! [https://gitter.im/uy...
Encrypted volumes in elemental-toolkit by flonnegren
[comment]: # (Please use the project descriptio...
Improve Qualcomm SOC msm8994/msm8992 kernel mainline support by pvorel
Project Description
Due previous hackweek...
How software creation process can save energy and CO2 emissions by acervesato
[comment]: # (Please use the project descriptio...
drgn: implement crash top-level commands by marxin
Project Description
The goal of the proje...
early stage kdump support by mbrugger
[comment]: # (Please use the project descriptio...
Create a DRM driver for VGA video cards by tdz
Yes, those [VGA video cards](https://en.wikiped...
Sign me off|in by mkoutny
[comment]: # (Please use the project descriptio...
Encrypted volumes in elemental-toolkit by flonnegren
[comment]: # (Please use the project descriptio...