Re: Is erasing hard disk drive mandatory?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I've been curious about the random data step for a while. I created an array made up of dm-crypted disks but I didn't do this step. The disks did have some data on them but not necessarily random data. What is the functional purpose of writing random data to the disk prior to encrypting them? Does the encryption process use existing data from the disk as part of it's encryption method? What would happen if dm-crypt was used on a completely blank disk? 

Thanks,

Steve


On Thu, May 29, 2014 at 4:13 PM, Arno Wagner <arno@xxxxxxxxxxx> wrote:
First, I presume this is about wiping the raw volume with
cryptographically striong randomness, or wriping the new
encrypted volume with anything (e.g. zeros). These two come
down to the same effect on the raw volume.

Erasing is not recommended to remove any data that was there
before (if you want that, you must erase, but it is a separate
thing). Erasing is recommended to make it non-transparent where
data was written in the encrypted volume. If you care, then you
need to erase.

Arno

On Thu, May 29, 2014 at 15:33:23 CEST, Kenny Lake wrote:
> If I want to create an encrypted volume, over a disk drive where there
> were no sensible data or there was another encrypted volume, can i skip
> the erasing procedure or will compromise the security of the new encrypted
> volume?

> _______________________________________________
> dm-crypt mailing list
> dm-crypt@xxxxxxxx
> http://www.saout.de/mailman/listinfo/dm-crypt


--
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno@xxxxxxxxxxx
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -  Plato
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt



--
________________________________________________________________
 Steve Cousins             Supercomputer Engineer/Administrator
 Advanced Computing Group            University of Maine System
 244 Neville Hall (UMS Data Center)              (207) 561-3574
 Orono ME 04469                      steve.cousins at maine.edu

_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt

[Index of Archives]     [Device Mapper Devel]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux