On Wed, Nov 9, 2011 at 1:44 AM, Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> wrote: > Ted Ts'o <tytso <at> mit.edu> writes: > >> >> On Thu, Sep 29, 2011 at 04:33:52PM +0300, Kasatkin, Dmitry wrote: >> > >> >> > >> There is work currently being done to add checksums for detecting > filesystem corruption (see list >> archive). However, if the attacker can binary edit the underlying disk device > then they can also edit the >> checksums (crc32c) at the same time. >> > >> >> > >> The only secure way to handle this would be a crypto checksum with a > secret key. >> > > >> > >> > Can you please give me some links to it???? >> >> Darrick Wong has been sending patches to the linux-ext4 mailing for >> review to use crc32c to protect various parts of the file system >> metadata. >> >> There has been no work to the "crypto checksum with a secret key" bit; >> the hard part is where you would securely store the secret key so that >> only a trusted kernel has access to it. > > Sorry I missed this thread. Any reason that trusted/encrypted keys can't be > used for storing the secret key? > Probably because it is relatively new thing... > thanks, > > Mimi > > > -- > To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html > -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
