Add AEGIS AEAD support
Describe the feature you would like to see added to OpenZFS
Add AEGIS AEAD as an alternative to AES-GCM.
How will this feature improve OpenZFS?
It will provide much faster speed compared to other options.
Additional context
https://github.com/aegis-aead/libaegis
Overall, it is a good idea. Encryption (and HMAC) in ZFS is currently a performance bottleneck. Several pull requests are related to this issue: #17058, #16601, #14531, #14249 and #14219.
AEGIS is known for being part of the final CAESAR competition portfolio and is recommended for high-performance applications. It may be useful for encrypted pools on NVMe drives and for transferring encrypted data between pools over high-speed networks.
However, a crucial requirement for inclusion in ZFS is format stability. It should not change. Currently, AEGIS is undergoing standardization within the IETF (including for use in TLS):
- The AEGIS Family of Authenticated Encryption Algorithms
- AEGIS-based Cipher Suites for TLS 1.3, DTLS 1.3 and QUIC
On the other hand, BLAKE3 has already been added to ZFS and is widely adopted, although it is still in draft status.
If we are confident that the AEGIS format is stable enough, we can consider applying AEGIS and AEGIS-MAC in ZFS. Otherwise, we could consider using BLAKE3 for HMAC purposes for now, which would improve both speed and security.
@mcmilk can you take a look?
This looks like a cool idea. I will take a look and maybe provide a PR for it. @lzsaver - thanks for the hint.
Just wanted to check in: Is there any update on the progress of adding AEGIS AEAD to OpenZFS?
Also, I’d love to help test this feature if any early implementation or PR becomes available — please let me know if that’s possible.
I would love to see that as well.
The performance is crazy good compared to HMAC and BLAKE.