From: Milan Broz <gmazyland@gmail.com>
To: Andreas Hartmann <andihartmann@01019freenet.de>
Cc: "Lukáš Czerner" <lczerner@redhat.com>,
util-linux@vger.kernel.org, "Karel Zak" <kzak@redhat.com>
Subject: Re: Questions concerning fstrim and online discard.
Date: Wed, 17 Oct 2012 21:23:47 +0200 [thread overview]
Message-ID: <507F05C3.5070300@gmail.com> (raw)
In-Reply-To: <507EEAB0.7060900@01019freenet.de>
On 10/17/2012 07:28 PM, Andreas Hartmann wrote:
> I read a few articles about encryption with SSD. With linux / dm-crypt /
> cryptseup luks, plausible deniability isn't given at all because of the
> architecture of cryptsetup luks and the not completely crypted disk.
You can have separated LUKS header (with recent cryptetup) and if you
have filled device with random, you can map another device with different
offset into it. So you get the same arch like "plausible" deniability
in truecrypt, just it need some script magic.
But not possible with TRIM obviously... (hidden disk, possibly mapped
to unused outer disk space, could be discarded).
> Are there any known successfully carried out attacks (= partition /
> filesystem was decryptable by the attacker) on crypted partitions on
> SSDs which would have been not successful without TRIM enabled or is it
> (as of today :-)) more of theory?
I don't think so.
Discarded blocks are kind of side channel, you get more info about
device (like I tried to show it here - I can detect filesystem
from cipherdevice pattern here
http://asalor.blogspot.cz/2011/08/trim-dm-crypt-problems.html
Also read FAQ
http://code.google.com/p/cryptsetup/wiki/FrequentlyAskedQuestions#5._Security_Aspects
But without another weakness it should not lead to decryption
of data (and if attacker can repeatedly get snapshots of ciphertext
device, it can be problem even today).
I would like people to tink about the problem, assess the risks and
if discard is acceptable for their particular use case, no problem
switch TRIM on.
And the most common case - encrypted laptop to secure data against
random thief - should still work even with TRIM.
But targeted attack is something different. Really, you need
particular threat model to say if it is a problem.
Milan
prev parent reply other threads:[~2012-10-17 19:23 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-10-04 4:47 Questions concerning fstrim and online discard Andreas Hartmann
[not found] ` <alpine.LFD.2.00.1210151649540.15261@dhcp-1-104.brq.redhat.com>
2012-10-16 16:28 ` Andreas Hartmann
2012-10-16 19:07 ` Lukáš Czerner
2012-10-17 17:28 ` Andreas Hartmann
2012-10-17 19:23 ` Milan Broz [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=507F05C3.5070300@gmail.com \
--to=gmazyland@gmail.com \
--cc=andihartmann@01019freenet.de \
--cc=kzak@redhat.com \
--cc=lczerner@redhat.com \
--cc=util-linux@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).