On Tue, Mar 26, 2013 at 05:13:27PM +0100, Jesus Cea wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On 26/03/13 16:52, Nick Zivkovic wrote:
> > Per dataset would be ideal. But full disk is better than nothing.
> 
> I fully agree here.
> 
> But... I found it annoying that Oracle ZFS encryption per dataset doesn't
> hide dataset names, number of files, sizes of files and datasets,
> etc. I understand the reason (notably, being able to scrub or resilver
> a zpool with encrypted datasets) but it is... disturbing.

All of those could, I suppose, lead to probable plaintext attacks in the
worst case.  You could argue for chosen-plaintext too, if, say, within the
encrypted dataset there is a mirror of a modifiable external archive, say a
source-code tree.  Unless your threat environment includes whole divisions of
a national intelligence service, I'm not sure if knowing what you describe is
enough to cause concern.

There are ZFS people here who worked with the early and when-it-was-open
designs of the Oracle ZFS per-dataset encryption.  I'm not sure if they are
comfortable revealing early design discussions, but if they are, it would
help illuminate things.

Dan

