Date: Mon, 30 Jan 2006 21:12:52 +0100
From: Pawel Jakub Dawidek <pjd@FreeBSD.org>
To: Christian Baer <christian.baer@informatik.uni-dortmund.de>
Cc: freebsd-geom@freebsd.org
Subject: Re: A few things about GELI
Message-ID: <20060130201252.GB928@garage.freebsd.pl>
In-Reply-To: <drlccu$1uv6$2@nermal.rz1.convenimus.net>
References: <drlccu$1uv6$2@nermal.rz1.convenimus.net>

On Mon, Jan 30, 2006 at 04:46:38PM +0100, Christian Baer wrote:
+> The question is more of an academic nature, but interesting just the
+> same: Can it be said that GELI is more secure (by design) than GBDE or
+> vice versa? The differences are not only of cosmetic nature or in the
+> user interface, but there is a real difference within the concept. Can
+> one of these approaches be called more secure than the other[2]?

I'm not going to answer this. In my opinion both are secure enough for
most uses (i.e. for data privacy).

+> Are there any plans to add additional ciphers like Twofish or Serpent to
+> GELI?

If those will be added to crypto(9) it will be trivial to add them to
geli(8).

+> What does this "sector-to-sector encryption" mean and how is it
+> different from GBDE's approach?

In GBDE there is one sector with keys per 32 sectors with data.
In GELI there is one main key and each data sector is represented by
exactly one sector in the *.eli provider.

+> Are there plans for a geli(4) manpage inspired by gbde(4) manpage? It
+> just shows the non-expert wonderfully, how it works and how safe it is
+> (in numbers).

Yes, there are plans...

+> GBDE wants to be attached to a partition like adxs1d. The examples in
+> the handbook however suggest that GELI should be attached to the
+> hardware-device adx and not to a partition. Why is this so? I am
+> guessing that GELI would be just as happy to be attached to ad1s1d as to
+> ad1 (wouldn't this be mandatory if there were more than one partition on
+> the drive?), but does this have any (dis-) advantages?

Both gbde(8) and geli(8) can work just fine with any GEOM providers
(disks, partitions, slices, mirrors, stripes, etc.).

+> If I were to use encrypted swap space I couldn't use the fstab for these
+> anymore. Should I do this with a start-up script and if so, where should
+> I put it? 'Where' as in 'where should it be in the boot-order?'

For swap devices you can simply put /dev/adXs1.eli into /etc/fstab and the
/etc/rc.d/encswap script will detect the .eli suffix and configure it with
a one-time key.

+> Basically the same thing goes for temp-space. When should it be mounted.
+> And more importantly, if I use a new key every time, wouldn't I need a
+> newfs during every boot - before I mount /tmp?

There is no rc.d script for this yet. So now you need to put something
like this into /etc/rc.early:

	# create a 64 MB swap-backed memory disk; mdconfig prints its name
	prov=`mdconfig -a -t swap -s 64m`
	# attach it with a one-time key; this creates /dev/${prov}.eli
	geli onetime /dev/${prov}
	# create the file system on the encrypted provider
	newfs /dev/${prov}.eli

+> [2] I don't see either of them being cracked any time soon and if either
+>     were attacked it would probably be easier to brute force the
+>     passphrase than to attack the architecture itself.

In geli(8) the password is protected with PKCS#5v2. On my laptop my
passphrase is protected with 131072 interactions, which basically means it
is 2^17 times harder to break.

-- 
Pawel Jakub Dawidek                       http://www.wheel.pl
pjd@FreeBSD.org                           http://www.FreeBSD.org
FreeBSD committer                         Am I Evil? Yes, I Am!
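
The cost that the PKCS#5v2 count of 131072 puts on each passphrase guess, as an added example that is not part of the original e-mail and is not geli(8) code. The choice of HMAC-SHA-512 as the PRF, the function names, and the passphrase and salt values are assumptions made for this illustration.

```python
import hashlib
import hmac
import math

ITERATIONS = 131072  # the count quoted in the message (2**17)


def pbkdf2_first_block(passphrase: bytes, salt: bytes, iterations: int):
    """PKCS#5 v2 (PBKDF2) output block 1; returns (key, prf_calls)."""
    base = hmac.new(passphrase, digestmod=hashlib.sha512)

    def prf(data: bytes) -> bytes:
        mac = base.copy()  # reuse the keyed HMAC state for every call
        mac.update(data)
        return mac.digest()

    u = prf(salt + (1).to_bytes(4, "big"))  # U_1 = PRF(P, S || INT(1))
    block = int.from_bytes(u, "big")
    calls = 1
    for _ in range(iterations - 1):  # U_i = PRF(P, U_{i-1}), all XORed
        u = prf(u)
        block ^= int.from_bytes(u, "big")
        calls += 1
    return block.to_bytes(64, "big"), calls


def added_work_bits(iterations: int) -> float:
    """Bits of work the iteration count adds to every single guess."""
    return math.log2(iterations)


def guessing_work_bits(passphrase_entropy_bits: float, iterations: int) -> float:
    """log2 of PRF calls needed to try every passphrase of that entropy."""
    return passphrase_entropy_bits + added_work_bits(iterations)


if __name__ == "__main__":
    # Constructed sample values, not taken from any real provider.
    passphrase, salt = b"correct horse", bytes(range(64))
    key, calls = pbkdf2_first_block(passphrase, salt, ITERATIONS)
    reference = hashlib.pbkdf2_hmac("sha512", passphrase, salt, ITERATIONS, 64)
    print("matches hashlib:", key == reference)
    print("PRF calls per guess:", calls)
    print("added work (bits):", added_work_bits(ITERATIONS))
    print("40-bit passphrase costs 2^%.0f PRF calls to exhaust"
          % guessing_work_bits(40, ITERATIONS))
```

The iteration count multiplies the cost of every guess but does not add entropy to the passphrase itself, so a weak passphrase stays the easiest target.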