On 1 Mar 2018 15:59 +0100, from numberfour@xxxxxxxxx (Lukáš Pohanka):
> However, does this mean there is currently no chance of using any
> form of authenticated encryption in our case?
You could use a validating file system (such as ZFS or Btrfs) with a
plainly encrypted container. An adversary would then need to alter the
correct data block, plus the metadata block that holds the checksum
for the data block. Depending on the specific file system architecture
this could require correctly altering blocks all the way to the root
structures ("superblocks") of the file system. That might be good
enough even if authenticated encryption is unavailable.
--
Michael Kjörling • https://michael.kjorling.se • michael@xxxxxxxxxxx
“The most dangerous thought that you can have as a creative person
is to think you know what you’re doing.” (Bret Victor)
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt
