Re: Is ZFS native encryption safe to use?
- In reply to: grarpamp : "Re: Is ZFS native encryption safe to use?"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 23 Aug 2023 07:38:32 UTC
On Wed, Aug 23, 2023, 02:02 grarpamp <grarpamp@gmail.com> wrote: > On 8/22/23, iio7@tutanota.com <iio7@tutanota.com> wrote: > > There seems to be a bit of open (and rather old) ZFS native encryption > > bugs which still haven't been fixed and it doesn't look like it is > > something that is being working on. > > > > Last night I was going to move some important files from an unencrypted > > dataset to a new encrypted (ZFS native) one, but then got my doubts > > about doing that (looking at all the different open GitHub issues on > > OpenZFS). > > > > There exist some rumors about the original company which did the ZFS > > native encryption work (the person doing the work left the company), > > and they haven't done more since. > > > > What is the general experience running with ZFS native encryption on > > FreeBSD? Is it better to use GELI for the whole pool instead? > > Neither GELI, nor the rest of the crypto subsystem, > nor the kernel, nor userland... has ever undergone > anything close to a real security audit, let alone an > independent one, let alone been formally verified. > > And agents, moles, malactors, bugs, and worse are running > rampant across the entire computing spectrum... from fab, > to shipping, to OS and crypto development, to magic packets, > to telecom, to phones, to firmware, software, apps, and updates, > BGP, your ISP, frontdoor, backdoor, back orifice, and more. > > Your use of any crypto, on any operating system, on any > hardware platform, on any network, is entirely at your own risk. > > Still lots of fun yet to be had... > > #OpenFabs , #OpenHW , #OpenAudit , #FormalVerification , > #CryptoCrowdFunding , #OpenTrust , #GuerrillaNets , > #P2PFiber , #GNURadioRF , #PrivacyCoins , #DropGangs , ... > Maybe it would work to use both. Encrypt the underlying devices with geli, plus encrypt the zfs dataset. I haven't tried this but it logically should be easy to layer them. You would be protected against a bug affecting either one this way, but of course the risk of both being compromised is still nonzero. For the best protection, perhaps different ciphers could be used. I'm not sure what options there are but I'm curious if someone in this wheelhouse could fill in my gaps. - Leif