[dm-devel] [PATCH 0/1] dm-integrity: integrity protection device-mapper target
Kasatkin, Dmitry
dmitry.kasatkin at intel.com
Mon Sep 24 16:20:45 UTC 2012
On Mon, Sep 24, 2012 at 4:47 PM, Milan Broz <mbroz at redhat.com> wrote:
> On 09/24/2012 11:55 AM, Dmitry Kasatkin wrote:
>> Both dm-verity and dm-crypt provide block level integrity protection.
>
> This is not correct. dm-crypt is transparent block encryption target,
> where always size of plaintext == size of ciphertext.
>
Of course... It is just said in relation to integrity protection.
It is said about encryption in following paragraphs...
> So it can provide confidentiality but it CANNOT provide integrity protection.
>
Yes, it provides confidentiality and via encryption it provides
certain level of integrity protection.
Data cannot be modified without being detected.
Decryption will result in garbage...
> We need extra space to store auth tag which dmcrypt cannot provide currently.
>
>> dm-integrity provides a lighter weight read-write block level integrity
>> protection for file systems not requiring full disk encryption, but
>> which do require writability.
>
> Obvious question: can be dm-verity extended to provide read-write integrity?
>
I think re-calculating hash trees all the time and syncing block
hashes and tree itself
is heavier operation...
> I would prefer to use standard mode like GCM to provide both encryption and
> integrity protection than inventing something new.
As said, if encryption is considered heavy operation in term of CPU
and battery usage
and also if encryption is not desired for some reasons that would be an option.
- Dmitry
>
> Milan
More information about the dm-devel
mailing list