On Aug 22, 2018, at 12:20 PM, Alan Somers wrote:
> ]That doesn't answer the question about what happens when dedup is turned
> off. In that case, is the HMAC still used as the IV? If so, then
> watermarking attacks are still possible. If ZFS switches to a random IV when
> dedup is off, then
On Aug 22, 2018, at 12:35 PM, Alan Somers wrote:
> Only encrypting L0 blocks also leaks a lot of information. That means that,
> if encryption is set to anything but "off", watermarking attacks will still
> be possible based on the size and sparsity of a file. Because I believe that
> with an
On Aug 21, 2018, at 8:16 PM, Alan Somers wrote:
>
> > The last time I looked (which was a long time ago), Oracle's ZFS encryption
> > looked extremely vulnerable to watermarking attacks. Did anybody ever fix
> > that?
This is the comment about dedup in zio_crypt.c:
* CONSIDERATIONS FOR DEDU
On Aug 21, 2018, at 8:11 PM, Alan Somers wrote:
> The last time I looked (which was a long time ago), Oracle's ZFS encryption
> looked extremely vulnerable to watermarking attacks. Did anybody ever fix
> that?
This isn’t Oracle’s implementation, but I don’t know how compatible or not it
is wi
On Apr 18, 2016, at 11:52 AM, Lev Serebryakov wrote:
>
> I understand, that maybe it is too late, but ARE YOU KIDDING?! 755
> packages?! WHY?! What are reasons and goals to split base in such
> enormous number of packages?
Just a guess, having done the same thing myself: it means that updates c