On Fri, Oct 21, 2016 at 07:21:04PM +0200, Richard Weinberger wrote: > On 21.10.2016 19:14, Michael Halcrow wrote: > > Compress-before-encrypt is a hazard. > > > > http://www.iacr.org/cryptodb/archive/2002/FSE/3091/3091.pdf > > I'm fully aware of that. But as usual it depends on the use case. > Compression is optional in UBIFS, paranoid users can disable it > when encryption is enabled. It's not the paranoid users I'm concerned about. It's those building systems with complexity and nuance on top of UBIFS who aren't paranoid enough. I suggest disabling compression by default when encryption is enabled, unless the user explicitly enables both. > > Thanks, > //richard -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
