Date: Tue, 15 Sep 2020 21:58:22 -0400
From: Eric McCorkle <eric@metricspace.net>
To: freebsd-hackers@freebsd.org
Subject: Re: ZFS encryption and loader
Message-ID: <a5f7be27-fa1f-b237-80c5-c1f802ff0210@metricspace.net>
In-Reply-To: <9bbc0793-25d5-6525-fad5-c74ec836e26e@grosbein.net>
References: <676dfde0-4202-1dc9-f90c-420fe9bbae27@metricspace.net> <9bbc0793-25d5-6525-fad5-c74ec836e26e@grosbein.net>

On 9/12/20 9:37 PM, Eugene Grosbein wrote:
> 13.09.2020 5:46, Eric McCorkle wrote:
>
>> I'm thinking of migrating to ZFS encryption from GELI in the near future.
>>
>> Does anyone know offhand what the state of support for ZFS encryption in
>> loader looks like, and if there's support for passing keys to the kernel
>> for boot-time loading? (I can look at adding these if they're missing)
>
> Recently I've learned from one of ZoL maintainers that native
> ZFS encryption is not so comprehensive as GELI.
>
> I've been told that native ZFS encryption was initially designed for one specific task:
> being able to receive encrypted customer data (backups), verify its integrity without decryption,
> store and then receive incremental backups later. Therefore, not all data is hidden with encryption,
> for example, dataset names and some other metadata are not.
>

I've looked into this prior, and you're right. The metadata that
remains unencrypted shouldn't be a security risk, unless you're leaking
info through your dataset names or something. I don't know enough about
ZFS to know whether encryption for that stuff could be added later.

One big advantage you get is per-block single-use keys and tight
integration of AEAD. I would regard this as more trustworthy than
repeatedly encrypting with the same key. It also opens the door to some
interesting proactive security features.