From: Timothy Miller <miller@techsource.com>
To: Guillaume@Lacote.name
Cc: linux-kernel@vger.kernel.org, Linux@glacote.com
Subject: Re: Using compression before encryption in device-mapper
Date: Tue, 13 Apr 2004 12:57:16 -0400 [thread overview]
Message-ID: <407C1BEC.30801@techsource.com> (raw)
In-Reply-To: <200404131744.40098.Guillaume@Lacote.name>
Guillaume Lacôte wrote:
> Hi,
>
> I hope this is the right place to post this message; I tried to keep it small.
> Basically I really would like to implement compression at the dm level,
> despite all of the problems. The reason for this is that reducing redundancy
> through compression tremendously reduces the possibilities of success for an
> attacker. I had implemented this idea in a java archiver (
> http://jsam.sourceforge.net ).
>
> Although I am not a good kernel hacker, I have spent some time reading
> compressed-loop.c, loop-aes, dm-crypt.c, and various threads from lkml
> including http://www.uwsg.iu.edu/hypermail/linux/kernel/0402.2/0035.html
> Thus I would appreciate if you could answer the following questions regarding
> the implementation of a "dm-compress" dm personality.
>
[snip]
I have a suggestion. If you're compressing only for the sake of
obfuscation, then don't really try to save any space. Use a fast
compression algorithm which doesn't necessarily do a great job.
When you're going to write, compress the block. If it gets smaller,
fine. Store it in the same space it would have required even if it were
uncompressed. If the block gets bigger, then store it uncompressed.
Whether or not the block could be compressed would be stored in metadata
(in the inode, I guess).
next prev parent reply other threads:[~2004-04-13 16:57 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-04-13 15:44 Using compression before encryption in device-mapper Guillaume Lacôte
2004-04-13 16:57 ` Timothy Miller [this message]
2004-04-14 6:48 ` Guillaume Lacôte
2004-04-13 17:45 ` Jörn Engel
2004-04-13 19:42 ` Ville Herva
2004-04-14 6:54 ` Guillaume Lacôte
2004-04-14 9:43 ` Jörn Engel
2004-04-14 10:02 ` Guillaume Lacôte
2004-04-14 11:25 ` Jörn Engel
2004-04-14 12:44 ` Paulo Marques
2004-04-14 13:34 ` Jörn Engel
2004-04-14 13:58 ` maccorin
2004-04-14 14:02 ` Guillaume Lacôte
2004-04-14 14:39 ` Grzegorz Kulewski
2004-04-14 15:07 ` Guillaume Lacôte
2004-04-14 16:14 ` Grzegorz Kulewski
2004-04-14 15:23 ` Paulo Marques
2004-04-14 15:32 ` Guillaume Lacôte
2004-04-14 17:25 ` Bill Davidsen
2004-04-15 9:28 ` Jörn Engel
2004-04-22 7:59 ` Guillaume Lacôte
2004-04-22 9:18 ` Jörn Engel
2004-04-22 10:20 ` Guillaume Lacôte
2004-04-22 12:15 ` Jörn Engel
2004-04-22 13:06 ` Guillaume Lacôte
2004-04-22 16:00 ` Jörn Engel
2004-04-23 15:16 ` Guillaume Lacôte
2004-04-23 16:57 ` Jörn Engel
[not found] <1KykU-4VD-17@gated-at.bofh.it>
[not found] ` <1KPvh-26S-7@gated-at.bofh.it>
[not found] ` <1KSMw-4P1-13@gated-at.bofh.it>
[not found] ` <1KTfJ-5gK-25@gated-at.bofh.it>
2004-04-14 15:02 ` Pascal Schmidt
2004-04-14 15:25 ` Guillaume Lacôte
2004-04-14 19:29 ` Pascal Schmidt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=407C1BEC.30801@techsource.com \
--to=miller@techsource.com \
--cc=Guillaume@Lacote.name \
--cc=Linux@glacote.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.