Date: Wed, 14 Jan 2015 08:16:44 +0300 From: rozhuk.im@gmail.com To: "'Kimmo Paasiala'" <kpaasial@gmail.com> Cc: 'FreeBSD Hackers' <freebsd-hackers@freebsd.org>, freebsd-geom@freebsd.org, 'Adam Nowacki' <nowakpl@platinum.linux.pl> Subject: RE: ChaCha8/12/20 and GEOM ELI tests Message-ID: <54b5fbbe.4457700a.2456.6944@mx.google.com> In-Reply-To: <CA%2B7WWSf%2B7N6foTKxarANfwgAitQXfxt%2B_e-HgcokzU5cVparAA@mail.gmail.com> References: <54b33bfa.e31b980a.3e5d.ffffc823@mx.google.com> <54B4AE55.9090205@platinum.linux.pl> <54b5d299.4914980a.61cd.43a6@mx.google.com> <CA%2B7WWScVQ9LwQQ3NR8ipkdxroqdg26Q2dB__%2B2wRr_0kPmJODQ@mail.gmail.com> <CA%2B7WWSf%2B7N6foTKxarANfwgAitQXfxt%2B_e-HgcokzU5cVparAA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> >> Depends on the capabilities of the attacker. > >> > >> To be able to continuously read encrypted sectors for data > collection is too much. > >> > > > When talking about disk encryption the first assumption is that the=20 > attacker always has this capability, even with so much power the=20 > attacker shouldn't be able to break the encryption scheme. If he can=20 > then the encryption scheme is not secure. >=20 > Ift the attacker can learn anything about the unencrypted data or=20 > predict something about future encrypted or unencrypted blocks by=20 > analyzing the previous encrypted blocks the encryption scheme should=20 > be considered insecure. I consider the case when the disk can be obtained by physically an = attacker. All the rest of the disk directly connected to the computer. If an attacker can read encrypted data directly to disk means that the = system is already compromised by an attacker, and probably in this case = can read the data from the disk and through read() already decrypted and = get the key from the kernel memory.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?54b5fbbe.4457700a.2456.6944>