On Thu, Jul 19, 2012 at 02:49:51PM -0700, Alex Elsayed wrote: > This may be insufficiently useful to justify implementing, but I thought it > was an interesting concept. > > One of the current issues with dm-crypt and discard is that enabling it can > leak information about the filesystem and usage patterns of the disk[1]. > > If a dm-thin device with a random block placement strategy is layered on top > of dm-crypt however, this could solve some of the issues involved and > partially mitigate others. > > Such a random block placement strategy would heavily disguise any layout > patterns that could be used to identify the filesystem, most likely to the > point of being completely unrecognizable. A couple of things spring to mind. - If you're using a spindle device this will destroy performance, unless you use large block size (which I suspect you don't want to do because you're trying to disguise access patterns). - How expensive will acquiring a cryptographically secure random destination be? _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
