ChaCha8/12/20 and GEOM ELI tests
rozhuk.im at gmail.com
rozhuk.im at gmail.com
Wed Jan 14 05:16:50 UTC 2015
> >> Depends on the capabilities of the attacker.
> >>
> >> To be able to continuously read encrypted sectors for data
> collection is too much.
> >>
> >
> When talking about disk encryption the first assumption is that the
> attacker always has this capability, even with so much power the
> attacker shouldn't be able to break the encryption scheme. If he can
> then the encryption scheme is not secure.
>
> Ift the attacker can learn anything about the unencrypted data or
> predict something about future encrypted or unencrypted blocks by
> analyzing the previous encrypted blocks the encryption scheme should
> be considered insecure.
I consider the case when the disk can be obtained by physically an attacker.
All the rest of the disk directly connected to the computer.
If an attacker can read encrypted data directly to disk means that the system is already compromised by an attacker, and probably in this case can read the data from the disk and through read() already decrypted and get the key from the kernel memory.
More information about the freebsd-geom
mailing list