From: "André Gall" <dm-crypt@andregall.de>
To: dm-crypt@saout.de
Subject: [dm-crypt] Status of trim for SSds?
Date: Thu, 14 Jul 2011 16:46:38 +0200 [thread overview]
Message-ID: <4E1F014E.40508@andregall.de> (raw)
In-Reply-To: <4E1EF95D.40406@web.de>
Hello,
I'd like to know the current status about the compatibility of TRIM
(http://en.wikipedia.org/wiki/TRIM) for SSDs and dm-crypt. It is my
understanding, that the current version of dm-crypt does not support
trim operations and therefore SSDs that are encrypted with dm-crypt are
not able to work as efficiently and fast as they would with working trim.
One argument that is often heard in discussions about encryption and
trim, is that trim enables an attacker to tell used blocks from empty
blocks and that this might make an attack easier. However, I have never
heard of a case, where the knowlege about the used blocks lead to a
successfull attack of state-of-the-art crypto-algorithms and
implementations. Of course the attacker might be able to make some
guesses or assumptions about the content of the encrypted storage-device
by analysing the distribution of used blocks, but in most scenarios this
isn't an issue.
Is the support of TRIM a feature that's planned for the future? If so,
when? If not, why not?
André
next prev parent reply other threads:[~2011-07-14 15:01 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-07-11 22:17 [dm-crypt] Passphrase protected key file? Laurence Darby
2011-07-12 11:40 ` Jorge Fábregas
2011-07-12 12:47 ` Arno Wagner
2011-07-14 9:10 ` Ma Begaj
2011-07-14 11:04 ` Arno Wagner
2011-07-14 11:55 ` Ma Begaj
2011-07-14 13:35 ` Arno Wagner
2011-07-14 14:12 ` Heiko Rosemann
2011-07-14 14:46 ` André Gall [this message]
2011-07-14 15:55 ` [dm-crypt] Status of trim for SSds? Milan Broz
2011-07-14 16:04 ` Christoph Anton Mitterer
2011-07-14 16:39 ` Philipp Wendler
2011-07-14 16:52 ` Milan Broz
2011-07-14 17:14 ` Philipp Wendler
2011-07-15 13:59 ` Christian Hesse
2011-07-15 14:48 ` Milan Broz
2011-07-18 8:45 ` Christian Hesse
2011-07-18 10:04 ` Milan Broz
2011-07-18 10:16 ` Christian Hesse
2011-07-21 12:55 ` Christian Hesse
2011-07-24 17:18 ` MkFly
2011-07-24 18:34 ` Milan Broz
2011-07-14 19:27 ` [dm-crypt] Passphrase protected key file? Arno Wagner
2011-07-14 21:21 ` Heiko Rosemann
2011-07-14 21:44 ` Arno Wagner
2011-07-15 5:33 ` Iggy
2011-08-03 12:09 ` Laurence Darby
2011-08-03 13:41 ` Arno Wagner
2011-08-03 11:35 ` Laurence Darby
2011-08-03 13:45 ` Arno Wagner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4E1F014E.40508@andregall.de \
--to=dm-crypt@andregall.de \
--cc=dm-crypt@saout.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox