Re: Btrfs Fscrypt Design Document

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Oct 26, 2021 at 12:53:25AM -0700, Omar Sandoval wrote:
> On Mon, Oct 25, 2021 at 12:49:51PM -0700, Eric Biggers wrote:
> > On Thu, Oct 21, 2021 at 11:34:19AM -0700, Omar Sandoval wrote:
> > Now, I personally think that authenticating file contents only wouldn't give
> > much benefit, and whole-filesystem authentication would be needed to get a real
> > benefit.  But "why aren't you using an authenticated mode" is a *very* common
> > question, so you need an answer to that -- or ideally, just support it if it
> > isn't much work.
> 
> We already store a checksum per block; I don't see any reason that it
> couldn't be a MAC. Johannes Thumshirn had a proof of concept for storing
> an HMAC for all blocks:
> https://lore.kernel.org/linux-btrfs/20191015121405.19066-1-jthumshirn@xxxxxxx/#b
> Plumbing it through for authenticated encryption would be a little
> harder, but probably not by much.

I've been working on the HMAC as checksums and still want to finish as
time permits, so if you have any potential changes beyond "hmac is just
another checksum", please let me know.



[Index of Archives]     [linux Cryptography]     [Asterisk App Development]     [PJ SIP]     [Gnu Gatekeeper]     [IETF Sipping]     [Info Cyrus]     [ALSA User]     [Fedora Linux Users]     [Linux SCTP]     [DCCP]     [Gimp]     [Yosemite News]     [Deep Creek Hot Springs]     [Yosemite Campsites]     [ISDN Cause Codes]

  Powered by Linux