presentation to T10 CAP WG - feedback
Hi,
here is a quick report on the presentation I gave last tuesday 5/4 at the
T10 CAP working group.
The group showed a good amount of interest to P1619, and they value the
benefits that non-malleable block encryption provides.
512-byte wide blocks: the group understand that initial focus may be
restricted to 512-byte blocks, but suggests extensions to other block
sizes. Some implementation use 520, but there are implementations even with
other weird sizes (probably all are mutiple of 4 bytes). This would help
wide adoption of P1619.
Tape encryption: somebody suggests that tape encryption and integrity
protection might be an interesting application, since tapes moves around
more than disks.
P1619-CAP interaction: CAP extensions are end-to-end (writer to reader)
per-block extra information. As soon as P1619 and CAP are applied at the
same point in the data path it should be possible to combine the two
mechanisms. Encrytpion of the entire resulting 520-byte block (including
the extra 8 CAP bytes) would give some "stronger" integrity protection,
since the CRC would end up encrypted.
Most of the people were facing this aspect of storage security for the
first time, then there may be the need for some time to elaborate further
implications with CAP. Bob Nixon, that helped a lot during the discussion,
voluntered to keep circulating P1619 with active memebers of CAP, and this
will possibly lead to other interactions between the groups.
Fabio