On Wednesday,2009-11-04, at 7:04 , Darren J Moffat wrote:
The SHA-256 is unkeyed so there would be nothing to stop an
attacker that can write to the disks but doesn't know the key from
modifying the on disk ciphertext and all the SHA-256 hashes up to
the top of the Merkle tree to the uberbl
Nicolas Williams wrote:
> On Tue, Nov 03, 2009 at 07:28:15PM +, Darren J Moffat wrote:
>> Nicolas Williams wrote:
>>> Interesting. If ZFS could make sure no blocks exist in a pool from more
>>> than 2^64-1 transactions ago[*], then the txg + a 32-bit per-transaction
>>> block write counter wou
Zooko Wilcox-O'Hearn wrote:
> Dear Darren J Moffat:
>
> I don't understand why you need a MAC when you already have the hash of
> the ciphertext. Does it have something to do with the fact that the
> checksum is non-cryptographic by default
> (http://docs.sun.com/app/docs/doc/819-5461/ftyue?a=vie
On Sun, Nov 01, 2009 at 10:33:34PM -0700, Zooko Wilcox-O'Hearn wrote:
> I don't understand why you need a MAC when you already have the hash
> of the ciphertext. Does it have something to do with the fact that
> the checksum is non-cryptographic by default (http://docs.sun.com/app/
> docs/doc
Hi Darren,
On Fri, Oct 30, 2009 at 11:30 AM, Darren J Moffat wrote:
> For the encryption functionality in the ZFS filesystem we use AES in CCM or
> GCM mode at the block level to provide confidentiality and authentication.
> There is also a SHA256 checksum per block (of the ciphertext) that for
On Fri, 30 Oct 2009, Darren J Moffat wrote:
> The SHA256 checksums are used even for blocks in the pool that aren't
> encrypted and are used for detecting and repairing (resilvering) block
> corruption. Each filesystem in the pool has its own wrapping key and
> data encryption keys.
>
> Due to som
Dear Darren J Moffat:
I don't understand why you need a MAC when you already have the hash
of the ciphertext. Does it have something to do with the fact that
the checksum is non-cryptographic by default (http://docs.sun.com/app/
docs/doc/819-5461/ftyue?a=view ), and is that still true? You