Re: eCryptfs Design Document

From: Christian Cachin
Date: Tue Mar 28 2006 - 08:46:56 EST

Next message: David Howells: "Re: [PATCH] split security_key_alloc into two functions"
Previous message: Frederik Deweerdt: "[PATCH 2.6.16-mm2] Kconfig SND_SEQUENCER_OSS help text fix"
In reply to: Michael Thompson: "Re: eCryptfs Design Document"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi all,

I'm a cryptographer with an interest in encrypting stored data.

Mike had asked me to read the eCryptfs design and I can confirm the
security statements made there, and that the algorithm choices are
adequate. The current release does not support integrity protection, but
this feature is promised for the next release through a MAC.

I don't see the need for tweakable encryption modes (like LRW, CMC)
in the eCryptfs strategy because being a virtual file system, it can
afford to insert some extra space and is not bound to the block
boundaries like a block device, for which these were developed. And with
integrity protection coming in the next release, the little extra security
gained in the current release by the tweakable modes would be a wasted
effort.

cc

---
Christian Cachin email: cca@xxxxxxxxxxxxxx
IBM Zurich Research Laboratory tel: +41-44-724-8989
Saumerstrasse 4 / Postfach fax: +41-44-724-8953
CH-8803 Rueschlikon, Switzerland http://www.zurich.ibm.com/~cca

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: David Howells: "Re: [PATCH] split security_key_alloc into two functions"
Previous message: Frederik Deweerdt: "[PATCH 2.6.16-mm2] Kconfig SND_SEQUENCER_OSS help text fix"
In reply to: Michael Thompson: "Re: eCryptfs Design Document"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]