[Cryptography] Disk encryption

Nico Williams nico at cryptonector.com
Wed Mar 29 15:25:01 EDT 2023


On Tue, Mar 28, 2023 at 04:23:03AM +1100, Dave Horsfall wrote:
> I've never used disk encryption before, so I have some concerns.
> 
> My understanding is that each encrypted block depends upon the previous 
> block (if not the entire chain), so what happens should an intermediate 
> block become corrupted?

Is this translation of your concern correct:

  Can use of encryption make it easier for minor corruption on disk to
  become crippling?

?

First of all, different systems do storage encryption differently, but
in any case you must worry about corruption no matter what.

ZFS exists, and long before ZFS had encryption support ZFS already would
turn minor corruption on disk into crippling corruption.  But ZFS also
always gave you ways to deal with corruption at the storage level by
using redundancy (mirroring, raid-z, and/or "ditto blocks").  And
nowadays ZFS also makes corruption less crippling than it did in the
beginning.

> I ask because I am now using an SSD drive (which I don't really trust), 
> but I was brought up on spinning rust for decades (no encryption).

SSD or HDD makes no real difference as to trust.  SSDs have wear-
levelling and HDDs have bad block remapping tables, and either way they
have issues when it comes to secure deletion as others have mentioned.

You really should want storage devices to do FDE with a key stored in
EEPROM that can be overwritten to securely delete the drive, but you
also should want the host to do its own encryption as well with
BitLocker-style use of TPMs to unlock filesystems at boot time when the
host is in a trusted state.  But we're now far afield from your original
concern.

Nico
-- 

