Hmm. A Linux kernel module that implements a virtual block device backed by a stream cipher might be useful. You could seek the keystream.
Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 21-Jul-2024 21:45:48 JST
Falcon Darkstar (falcon@mastodon.falconk.rocks)'s status on Sunday, 21-Jul-2024 21:54:32 JST: @ryanc in CBC mode, can't be done. In XTS, CTR, CCM (decryption key only) or GCM, it's O(1) to do it yourself and the syscall overhead would be wild.
Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 21-Jul-2024 21:54:32 JST: @falcon I was thinking ChaCha20 or AES-CTR. Why do you think the syscall overhead would be high?
Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 21-Jul-2024 21:58:36 JST: @falcon It would be convenient to use with dd for cases where you want reproducible nonzero data.
Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Sunday, 21-Jul-2024 22:00:45 JST: @falcon Should be fine with larger read sizes, shouldn't it?
Falcon Darkstar (falcon@mastodon.falconk.rocks)'s status on Sunday, 21-Jul-2024 22:00:46 JST: @ryanc you have to do the whole context switch and all the marshalling just to do one round of a cipher, which for example, to compute one block's key stream in AES-CTR on a modern x86 processor is one instruction.
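Added example, not part of the thread and not either poster's code: a user-space sketch of the seekable keystream the posts discuss, using ChaCha20 as specified in RFC 8439. The function names, the key and the nonce are constructed for illustration; any byte offset maps directly to a block counter, so nothing before that offset has to be generated.

```python
import struct

MASK = 0xFFFFFFFF
# Column rounds followed by diagonal rounds (RFC 8439, section 2.3).
_ROUNDS = ((0, 4, 8, 12), (1, 5, 9, 13), (2, 6, 10, 14), (3, 7, 11, 15),
           (0, 5, 10, 15), (1, 6, 11, 12), (2, 7, 8, 13), (3, 4, 9, 14))

def _rotl(v, n):
    return ((v << n) & MASK) | (v >> (32 - n))

def _quarter(s, a, b, c, d):
    s[a] = (s[a] + s[b]) & MASK
    s[d] = _rotl(s[d] ^ s[a], 16)
    s[c] = (s[c] + s[d]) & MASK
    s[b] = _rotl(s[b] ^ s[c], 12)
    s[a] = (s[a] + s[b]) & MASK
    s[d] = _rotl(s[d] ^ s[a], 8)
    s[c] = (s[c] + s[d]) & MASK
    s[b] = _rotl(s[b] ^ s[c], 7)

def chacha20_block(key, nonce, counter):
    """One 64-byte keystream block for a 32-byte key and 12-byte nonce."""
    init = list(struct.unpack("<4I", b"expand 32-byte k"))
    init += struct.unpack("<8I", key)
    init += [counter & MASK]
    init += struct.unpack("<3I", nonce)
    s = init[:]
    for _ in range(10):  # 10 double rounds = 20 rounds
        for a, b, c, d in _ROUNDS:
            _quarter(s, a, b, c, d)
    return struct.pack("<16I", *((x + y) & MASK for x, y in zip(s, init)))

def keystream_at(key, nonce, offset, length):
    """Return `length` keystream bytes starting at byte `offset`."""
    first, skip = divmod(offset, 64)      # seek: offset -> block counter
    last = (offset + length + 63) // 64   # exclusive end block
    if last > 2**32:
        raise ValueError("range exceeds the 256 GiB a 32-bit counter covers")
    out = b"".join(chacha20_block(key, nonce, c) for c in range(first, last))
    return out[skip:skip + length]

if __name__ == "__main__":
    key, nonce = bytes(range(32)), bytes(12)  # constructed sample values
    # Same key and nonce give the same bytes at the same offset on every run.
    print(keystream_at(key, nonce, 10 * 2**30 + 5, 16).hex())
```

The 32-bit block counter limits one key and nonce pair to 256 GiB of keystream; a larger device would need a different nonce per region.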