[Bug 265433] In geli section, add explanation to data integrity management
Date: Wed, 27 Jul 2022 01:25:39 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=265433 --- Comment #2 from clear.screen@orange.fr --- As the GELI manual page [GELI(8)] say : the additional option -a "Enable data integrity verification" [...] "If the option is not given, there will be no authentication, only encryption." The encryption/decryption process provide confidentiality (prevent non-authorized people to grant access to the data). Such algorithm with cryptographic mechanism ensure that encrypted data with genuine encryption/decryption key(s) will be decrypted but could not offer any guarantee against data corruption at storage layer or during computation. The whole data integrity process can rely (in sequence) on - checking and correction mechanism of the hardware storage unit (in case of a silent hardware failure) - data integrity checking mechanism of the cryptographic layer (in case of failure in hardware or software implementation) - finally, on the data integrity checking and correction mechanism of the filesystem Any failure on this dependency chain will lead to data corruption which is not related to an attacker but to hardware/software failure. In the case of the media itself does not report errors (damaged flash devices for example), altered encrypted blocks will lead to corrupted data output. Thus, retrieving data (if it's possible) will only rely on the filesystem capacities. Having data authentication enabled on the encryption/decryption layer would allow warning at early and low-level stage. -- You are receiving this mail because: You are the assignee for the bug.