[Bug 265433] In geli section, add explanation to data integrity management

From: <bugzilla-noreply_at_freebsd.org>
Date: Wed, 27 Jul 2022 01:25:39 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=265433

--- Comment #2 from clear.screen@orange.fr ---
As the GELI manual page [GELI(8)] says: the additional option -a "Enable data
integrity verification" [...] "If the option is not given, there will be no
authentication, only encryption."

The encryption/decryption process provides confidentiality (prevents
non-authorized people from gaining access to the data). Such an algorithm with
a cryptographic mechanism ensures that data encrypted with genuine
encryption/decryption key(s) will be decrypted but could not offer any
guarantee against data corruption at the storage layer or during computation.

The whole data integrity process can rely (in sequence) on:
- the checking and correction mechanism of the hardware storage unit (in case
of a silent hardware failure)
- the data integrity checking mechanism of the cryptographic layer (in case of
a failure in the hardware or software implementation)
- finally, the data integrity checking and correction mechanism of the
filesystem

Any failure in this dependency chain will lead to data corruption which is not
related to an attacker but to a hardware/software failure.

In the case where the media itself does not report errors (damaged flash
devices, for example), altered encrypted blocks will lead to corrupted data
output.

Thus, retrieving data (if it's possible) will only rely on the filesystem
capacities.

Having data authentication enabled on the encryption/decryption layer would
allow a warning at an early and low-level stage.

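The difference described in the comment above, as an added example that is not part of the original bug report and is not geli's code: one sector is stored with and without a per-sector HMAC, one bit is flipped in the stored ciphertext, and the sector is read back. Assumptions: the cipher is a toy SHA-256 counter-mode keystream standing in for the real one, the tag layout is simplified, and all function names, keys and data are constructed for illustration.

```python
import hashlib
import hmac

TAG_LEN = 32  # HMAC-SHA256 output size

def keystream(key, sector_no, length):
    # Stand-in cipher (an assumption, NOT geli's algorithm): SHA-256 in counter mode.
    prefix = key + sector_no.to_bytes(8, "little")
    blocks = (hashlib.sha256(prefix + c.to_bytes(4, "little")).digest() for c in range((length + 31) // 32))
    return b"".join(blocks)[:length]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def sector_tag(mac_key, sector_no, ciphertext):
    # Binding the sector number means a valid block read from the wrong place also fails.
    return hmac.new(mac_key, sector_no.to_bytes(8, "little") + ciphertext, hashlib.sha256).digest()

def write_sector(enc_key, mac_key, sector_no, plaintext, authenticate):
    ciphertext = xor(plaintext, keystream(enc_key, sector_no, len(plaintext)))
    return ciphertext + sector_tag(mac_key, sector_no, ciphertext) if authenticate else ciphertext

def read_sector(enc_key, mac_key, sector_no, stored, authenticate):
    ciphertext = stored
    if authenticate:
        ciphertext, tag = stored[:-TAG_LEN], stored[-TAG_LEN:]
        if not hmac.compare_digest(tag, sector_tag(mac_key, sector_no, ciphertext)):
            raise OSError(f"sector {sector_no}: integrity check failed")
    return xor(ciphertext, keystream(enc_key, sector_no, len(ciphertext)))

def flip_bit(data, byte_index, bit=0):
    damaged = bytearray(data)
    damaged[byte_index] ^= 1 << bit  # one bit silently altered by the media
    return bytes(damaged)

def demo():
    enc_key, mac_key = b"E" * 32, b"M" * 32               # constructed keys
    plaintext = (b"filesystem block payload " * 21)[:512]  # constructed sector
    outcome = {}
    for authenticate in (False, True):
        stored = flip_bit(write_sector(enc_key, mac_key, 7, plaintext, authenticate), 100)
        try:
            data = read_sector(enc_key, mac_key, 7, stored, authenticate)
            outcome[authenticate] = "intact" if data == plaintext else "silent corruption"
        except OSError:
            outcome[authenticate] = "read error reported"
    return outcome

if __name__ == "__main__":
    print(demo())
```

With a real block cipher mode the damage covers a whole cipher block rather than a single bit, but the unauthenticated read still completes without an error.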