* luks ssd idea
@ 2025-09-22 17:29 Vladimir Ivanovich
0 siblings, 0 replies; only message in thread
From: Vladimir Ivanovich @ 2025-09-22 17:29 UTC (permalink / raw)
To: cryptsetup
hello
luks default is disable ssd trim-discard command because leaks unused
blocks
what if shuffle data, maybe another mapper device, to leak less info?
fpe(n, key, i) = format preserving encryption, domain {0...n}
roll(n, offset, i) = (i + offset) % n
block_out = fpe(DISK_SIZE / BLOCK_SIZE, hkdf(LUKS_SHUFFLEBLOCK,
masterkey), block_in) page_out = roll(BLOCK_SIZE / PAGE_SIZE,
hash(hkdf(LUKS_SHUFFLEINDEX, masterkey) + block_in) % (BLOCK_SIZE /
PAGE_SIZE), page_in)
sorry for bad english, what you guys think of my proposal
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2025-09-22 17:29 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-09-22 17:29 luks ssd idea Vladimir Ivanovich
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox