"Mere" accidents like disk errors are the most common and likely problem,
and by themselves justify strong integrity protection. Hence ZFS. License
problems mean you'll never boot Linux from it, but FreeBSD can, and OS X
supports it. Linux' answer is btrfs or something like that.
On Jan 19, 2011 6:
Jon and Ian, unless I'm mistaken, I think you both don't understand
the threat model.
The threat model is someone with temporary access to the encrypted
storage device. This happens in many ways; in hotel rooms, when
you leave home, if you host with an untrusted data center, if
you pass through c
On Sun, Jan 16, 2011 at 10:42:22AM -0800, Jon Callas wrote:
> Moreover, disk systems are hard to write and when you have a nasty
bug, you lose people's data. People don't like having their data
lost. Simplicity is a virtue in all security systems, as well as in
others.
I couldn't resist ment
On 14/01/11 5:40 AM, travis+ml-rbcryptogra...@subspacefield.org wrote:
So does anyone know off the top of their head whether dm-crypt or
TrueCrypt (or other encrypted storage things) promise data integrity
in any way, shape or form?
I'm assuming they're just encrypting, but figured I'd ask befor
On Jan 15, 2011, at 5:53 AM, Marsh Ray wrote:
> On 01/14/2011 06:13 PM, Jon Callas wrote:
>>
>> This depends on what you mean by data integrity.
>
> How about "an attacker with write access to the disk is unable to modify the
> protected data without detection"?
Yes, that's the strict definit
On Sat, 2011-01-15 at 17:08 +0200, Alexander Klimov wrote:
> > As I understand it, the Playstation 3 filesystem crypto was defeated
> > by simply deleting the encrypted files, filling up the disk with
> > movies and then placing the cyphertext in the movie data stream
> > (they may have had to ensu
Another completely different approach is to use a filesystem which does
its own integrity checking. ZFS is a good example. If you run ZFS on top
of an encrypted loop device, most corruption should be detected because
ZFS does its own cryptographic checksum of data blocks. This checksum is
stored in
On Jan 15, 2011, at 4:23 PM, Ivan Krstić wrote:
> On Jan 14, 2011, at 4:13 PM, Jon Callas wrote:
>> XTS in particular is a wide-block mode that takes a per-block tweak. This
>> means that if you are using an XTS block of 512 bytes, then a single-bit
>> change to the ciphertext causes the whole
On Jan 14, 2011, at 4:13 PM, Jon Callas wrote:
> XTS in particular is a wide-block mode that takes a per-block tweak. This
> means that if you are using an XTS block of 512 bytes, then a single-bit
> change to the ciphertext causes the whole block to decrypt incorrectly. If
> you're using a 4K d
On Fri, Jan 14, 2011 at 5:13 PM, Jon Callas wrote:
>
> On Jan 13, 2011, at 10:40 AM,
> travis+ml-rbcryptogra...@subspacefield.orgwrote:
>
> However -- a number of storage things (including TrueCrypt) are using modes
> like XTS-AES. These modes are sometimes called "PMA" modes for "Poor Man's
> A
On Jan 15, 2011, at 8:53 44AM, Marsh Ray wrote:
> On 01/14/2011 06:13 PM, Jon Callas wrote:
>>
>> This depends on what you mean by data integrity.
>
> How about "an attacker with write access to the disk is unable to modify the
> protected data without detection"?
>
>> In a strict, formal
>>
On Sat, 15 Jan 2011, Marsh Ray wrote:
> > This depends on what you mean by data integrity.
>
> How about "an attacker with write access to the disk is unable to modify
> the protected data without detection"?
What about reverting (a part of) the storage to one of the previously
valid states?
> As
On 01/14/2011 06:13 PM, Jon Callas wrote:
This depends on what you mean by data integrity.
How about "an attacker with write access to the disk is unable to modify
the protected data without detection"?
In a strict, formal
way, where you'd want to have encryption and a MAC, the answer is n
On Jan 13, 2011, at 10:40 AM, travis+ml-rbcryptogra...@subspacefield.org wrote:
> * PGP Signed by an unknown key
>
> So does anyone know off the top of their head whether dm-crypt or
> TrueCrypt (or other encrypted storage things) promise data integrity
> in any way, shape or form?
This depends
* travis+ml-rbcryptogra...@subspacefield.org wrote:
> So does anyone know off the top of their head whether dm-crypt or
> TrueCrypt (or other encrypted storage things) promise data
> integrity in any way, shape or form?
I've heard that geli does.
--
left blank, right bald
pgpWPLfKZA5z2.pgp
De
So does anyone know off the top of their head whether dm-crypt or
TrueCrypt (or other encrypted storage things) promise data integrity
in any way, shape or form?
I'm assuming they're just encrypting, but figured I'd ask before
digging into source and design docs.
It's important to understand the
16 matches
Mail list logo
