[Cryptography] Security on TRIM for full-disk encrypted SSDs

james hughes hughejp at me.com
Thu Apr 21 21:12:17 EDT 2016


> On Apr 21, 2016, at 2:19 PM, Peter Fairbrother <peter at m-o-o-t.org> wrote:
> hmmm, how many files on t'internet are 2798954788 bytes long?

None. 

They are padded to either 512 or 4k. Certainly the trim would be to those boundaries. 

Regarding trim in general, 
SMITH: Doctor, it hurts when I do this. <https://en.wikipedia.org/wiki/Smith_&_Dale>
DALE: Don't do that. <https://en.wikipedia.org/wiki/Smith_&_Dale>

If someone has access to your encrypted disk and images your encrypted drive, then you use the device again, and they image your drive again and compare, they will have FAR more information than what trim gives. 

Disable trim if you can, but even then, it still is not a deniable file system <http://www.formation.jussieu.fr/ars/2000-2001/UNIX/cours/5/COMPLEMENTS/DOC/why-cryptosystems-fail/sfs3.pdf> by any means (I like “3. An Alternative Construction”).