Re: [Haifux] Nested disk encryption
Hi and thanks to those who answered. Since nobody stood forward and told me I'm going to do something stupid, I took some courage, and pulled my little stunt. As one could expect, it worked like a clockwork. I never did an exhaustive test, but settled for what I really needed to do, which was storing around 20 GB of data in files of different sizes and shapes, in the secured image. Which is not a negligible operation. I kept a look on /var/log/messages and nothing special appeared there. The only annoyment was that the computer becomes extremely sluggish during a heavy copy operation (despite ionice), but that is also true when going directly on the single-encrypted LVMed RAID disk (or maybe this is true on whatever disk?). I wrote a small script which turns a plain file into an encrypted ext4 image. I prefer having a script wipe out my disk because I got the bash programming wrong over having the same effect because of not being concentrated for a split second. You can have a look, even try it out and then NOT blame me: http://billauer.co.il/blog/2010/09/encrypted-disk-image-dm_crypt-luks/ Gmar Hatima Tova, Eli -- Web: http://www.billauer.co.il ___ Haifux mailing list Haifux@haifux.org http://hamakor.org.il/cgi-bin/mailman/listinfo/haifux
Re: [Haifux] Nested disk encryption
On Thu, Sep 16, 2010 at 3:12 PM, Eli Billauer wrote: > Why does a benchmark tool help me here? I don't care about performance. I'm > more worried about revealing a bug in the kernel, and finding myself with > junk data written to my disk. Or something like that. Its not for perfomance, but for stress test. Leave it running in the loop for a week and keep using your pc as usuall. If nothing crashes, I would be pretty confident in a such setup. And even if someone experienced enough would give "yes" answer to you, no one gaurantees you that next kernel update will not break it. P.S. Nothing is sure but death and taxes :) > > > Since I have no idea about how things are organized in the kernel, I also > have no clue on whether it's structured enough to stack one layer on another > without anything happening. > > > For example, suppose I have 16 loop devices in my system, and created a loop > device inside a loop device, and went on using up all 16 in a nested manner > (loop device "babushka"). In theory, this should work. Now ladies and > gentlemen, place your bets on if this works if I'll try this for real. (I'm > not really going to try this, but that's the idea). > > > Eli > > > Zaar Hai wrote: > >> Some time ago I did what you've done, but not for some real use - just >> for testing. I suggest you run iozone (or other io benchmark) on your >> loopback partition and see if anything goes wrong. >> >> On Thu, Sep 16, 2010 at 11:46 AM, Eli Billauer wrote: >> > > > -- > Web: http://www.billauer.co.il > > -- Zaar ___ Haifux mailing list Haifux@haifux.org http://hamakor.org.il/cgi-bin/mailman/listinfo/haifux
Re: [Haifux] Nested disk encryption
Why does a benchmark tool help me here? I don't care about performance. I'm more worried about revealing a bug in the kernel, and finding myself with junk data written to my disk. Or something like that. Since I have no idea about how things are organized in the kernel, I also have no clue on whether it's structured enough to stack one layer on another without anything happening. For example, suppose I have 16 loop devices in my system, and created a loop device inside a loop device, and went on using up all 16 in a nested manner (loop device "babushka"). In theory, this should work. Now ladies and gentlemen, place your bets on if this works if I'll try this for real. (I'm not really going to try this, but that's the idea). Eli Zaar Hai wrote: > Some time ago I did what you've done, but not for some real use - just > for testing. I suggest you run iozone (or other io benchmark) on your > loopback partition and see if anything goes wrong. > > On Thu, Sep 16, 2010 at 11:46 AM, Eli Billauer wrote: > > -- Web: http://www.billauer.co.il ___ Haifux mailing list Haifux@haifux.org http://hamakor.org.il/cgi-bin/mailman/listinfo/haifux
Re: [Haifux] Nested disk encryption
Some time ago I did what you've done, but not for some real use - just for testing. I suggest you run iozone (or other io benchmark) on your loopback partition and see if anything goes wrong. On Thu, Sep 16, 2010 at 11:46 AM, Eli Billauer wrote: > Hi, > > > Thanks, but it looks like we're not on the same page. I'm not looking > for double protection. And I know that in theory, what I want to do is > OK, and that the ciphers are theoretically strong (hoping we don't have > a Debian fiasco II buried somewhere). > > > My concern in about kernel reliability. Whether two layers of encryption > isn't a quirky scenario, which may reveal a nasty bug in the kernel code. > > > The best answer I could get would be something like "company X is using > this for years on their high availability servers without a glitch". I > would also settle for "I'm doing this all the time". > > > Eli > > > Orr Dunkelman wrote: > >> If you use modern ciphers (AES-256, or Serpent are two such ciphers), >> there should be no problem. >> >> The RAID's encryption does not care what you encrypt. The loopback >> device does not care where it is stored. So you get double protection. >> >> Orr. >> >> > > > -- > Web: http://www.billauer.co.il > > ___ > Haifux mailing list > Haifux@haifux.org > http://hamakor.org.il/cgi-bin/mailman/listinfo/haifux > -- Zaar ___ Haifux mailing list Haifux@haifux.org http://hamakor.org.il/cgi-bin/mailman/listinfo/haifux
Re: [Haifux] Nested disk encryption
Hi, Thanks, but it looks like we're not on the same page. I'm not looking for double protection. And I know that in theory, what I want to do is OK, and that the ciphers are theoretically strong (hoping we don't have a Debian fiasco II buried somewhere). My concern in about kernel reliability. Whether two layers of encryption isn't a quirky scenario, which may reveal a nasty bug in the kernel code. The best answer I could get would be something like "company X is using this for years on their high availability servers without a glitch". I would also settle for "I'm doing this all the time". Eli Orr Dunkelman wrote: > If you use modern ciphers (AES-256, or Serpent are two such ciphers), > there should be no problem. > > The RAID's encryption does not care what you encrypt. The loopback > device does not care where it is stored. So you get double protection. > > Orr. > > -- Web: http://www.billauer.co.il ___ Haifux mailing list Haifux@haifux.org http://hamakor.org.il/cgi-bin/mailman/listinfo/haifux
Re: [Haifux] Nested disk encryption
On Thursday 16 September 2010 08:44:07 Shachar Raindel wrote: > I will add a recommendation for TrueCrypt, which is considered secure, > very easy to use, and supports hidden volumes, so that even if you are > forced to give out passwords, you can give out passwords that will be > valid, but not show up the content of your real encrypted drive. > > It is also portable, so you can use the same drive image on different > OSes, and it has a nice gui (in addition to command line support). > TrueCrypt does have an iffy licence, though: http://en.wikipedia.org/wiki/TrueCrypt#Licensing Regards, Shlomi Fish > --Shachar -- - Shlomi Fish http://www.shlomifish.org/ Original Riddles - http://www.shlomifish.org/puzzles/ She's a hot chick. But she smokes. She can smoke as long as she's smokin'. Please reply to list if it's a mailing list post - http://shlom.in/reply . ___ Haifux mailing list Haifux@haifux.org http://hamakor.org.il/cgi-bin/mailman/listinfo/haifux
Re: [Haifux] Nested disk encryption
I will add a recommendation for TrueCrypt, which is considered secure, very easy to use, and supports hidden volumes, so that even if you are forced to give out passwords, you can give out passwords that will be valid, but not show up the content of your real encrypted drive. It is also portable, so you can use the same drive image on different OSes, and it has a nice gui (in addition to command line support). --Shachar On Thu, Sep 16, 2010 at 3:57 AM, Orr Dunkelman wrote: > If you use modern ciphers (AES-256, or Serpent are two such ciphers), > there should be no problem. > > The RAID's encryption does not care what you encrypt. The loopback > device does not care where it is stored. So you get double protection. > > Orr. > > On Thu, Sep 16, 2010 at 2:09 AM, Eli Billauer wrote: >> Hello, >> >> I have a piece of sensitive data, which I'd like to keep locked away when I >> don't use it. It's reassuring to know, that even if my computer would ever >> meet a trojan horse, that data will be off limit, unless I would happen to >> be using it in very bad timing. >> >> Having a Fedora 12 (kernel 2.6.32 for now), the immediate solution is to >> create a large empty file, mount it as a loop device, and create an >> encrypted disk on it. When I don't use the data, I simply close the >> encryption, and all is safe and sound. >> >> The only thing that worries me, is that the disk itself is a RAID-5 (three >> disks) with the whole thing encrypted (that is, the whole of /dev/md0, which >> is why I don't have any unencrypted space left) and then we have LVM over >> that. So if I pull my stunt, there will be five layers of munching between >> real data and what is written on the hardware disk. Including encrypting >> twice. >> >> In a theoretical world, one can stack layers without worrying about >> anything. In a real world, there are sometimes bugs, which show up in exotic >> situations. >> >> I have no problem with some possible slowdown. I only wonder, if I'm not >> pushing my luck. >> >> So what do you say? Would you feel safe to stack one encryption on another? >> Is it correct to assume that each layer works independently, and therefore >> it doesn't matter how much I stack up? >> >> Thanks in advance, >> >> Eli >> >> -- >> Web: http://www.billauer.co.il >> >> ___ >> Haifux mailing list >> Haifux@haifux.org >> http://hamakor.org.il/cgi-bin/mailman/listinfo/haifux >> >> > > > > -- > Orr Dunkelman, > orr.dunkel...@gmail.com > > GPG fingerprint: C2D5 C6D6 9A24 9A95 C5B3 2023 6CAB 4A7C B73F D0AA > (This key will never sign Emails, only other PGP keys. The key > corresponds to o...@vipe.technion.ac.il) > ___ > Haifux mailing list > Haifux@haifux.org > http://hamakor.org.il/cgi-bin/mailman/listinfo/haifux > ___ Haifux mailing list Haifux@haifux.org http://hamakor.org.il/cgi-bin/mailman/listinfo/haifux
Re: [Haifux] Nested disk encryption
If you use modern ciphers (AES-256, or Serpent are two such ciphers), there should be no problem. The RAID's encryption does not care what you encrypt. The loopback device does not care where it is stored. So you get double protection. Orr. On Thu, Sep 16, 2010 at 2:09 AM, Eli Billauer wrote: > Hello, > > I have a piece of sensitive data, which I'd like to keep locked away when I > don't use it. It's reassuring to know, that even if my computer would ever > meet a trojan horse, that data will be off limit, unless I would happen to > be using it in very bad timing. > > Having a Fedora 12 (kernel 2.6.32 for now), the immediate solution is to > create a large empty file, mount it as a loop device, and create an > encrypted disk on it. When I don't use the data, I simply close the > encryption, and all is safe and sound. > > The only thing that worries me, is that the disk itself is a RAID-5 (three > disks) with the whole thing encrypted (that is, the whole of /dev/md0, which > is why I don't have any unencrypted space left) and then we have LVM over > that. So if I pull my stunt, there will be five layers of munching between > real data and what is written on the hardware disk. Including encrypting > twice. > > In a theoretical world, one can stack layers without worrying about > anything. In a real world, there are sometimes bugs, which show up in exotic > situations. > > I have no problem with some possible slowdown. I only wonder, if I'm not > pushing my luck. > > So what do you say? Would you feel safe to stack one encryption on another? > Is it correct to assume that each layer works independently, and therefore > it doesn't matter how much I stack up? > > Thanks in advance, > > Eli > > -- > Web: http://www.billauer.co.il > > ___ > Haifux mailing list > Haifux@haifux.org > http://hamakor.org.il/cgi-bin/mailman/listinfo/haifux > > -- Orr Dunkelman, orr.dunkel...@gmail.com GPG fingerprint: C2D5 C6D6 9A24 9A95 C5B3 2023 6CAB 4A7C B73F D0AA (This key will never sign Emails, only other PGP keys. The key corresponds to o...@vipe.technion.ac.il) ___ Haifux mailing list Haifux@haifux.org http://hamakor.org.il/cgi-bin/mailman/listinfo/haifux
[Haifux] Nested disk encryption
Hello, I have a piece of sensitive data, which I'd like to keep locked away when I don't use it. It's reassuring to know, that even if my computer would ever meet a trojan horse, that data will be off limit, unless I would happen to be using it in very bad timing. Having a Fedora 12 (kernel 2.6.32 for now), the immediate solution is to create a large empty file, mount it as a loop device, and create an encrypted disk on it. When I don't use the data, I simply close the encryption, and all is safe and sound. The only thing that worries me, is that the disk itself is a RAID-5 (three disks) with the whole thing encrypted (that is, the whole of /dev/md0, which is why I don't have any unencrypted space left) and then we have LVM over that. So if I pull my stunt, there will be five layers of munching between real data and what is written on the hardware disk. Including encrypting twice. In a theoretical world, one can stack layers without worrying about anything. In a real world, there are sometimes bugs, which show up in exotic situations. I have no problem with some possible slowdown. I only wonder, if I'm not pushing my luck. So what do you say? Would you feel safe to stack one encryption on another? Is it correct to assume that each layer works independently, and therefore it doesn't matter how much I stack up? Thanks in advance, Eli || || || || -- Web: http://www.billauer.co.il ___ Haifux mailing list Haifux@haifux.org http://hamakor.org.il/cgi-bin/mailman/listinfo/haifux