I put these questions to Tom Caputi, who wrote the ZFS encryption. The quoted text below is what I asked him, and the unquoted text is his response:
> 1. Does ZFS rewrite the wrapped/encrypted master key in place? If
> not, the old master key could be retrieved off disk, decrypted
> with the known passphrase, and used to decrypt at least
> _existing_ data.

1) No. This is definitely an attack vector (although a very minor one). At the time we had said that we would revisit the idea of overwriting old keys when TRIM was added. That was several years ago and TRIM is now in. I will talk to Brian about it after I am back from the holiday.

> 2. Does a "zfs change-key" create a new master key? If not, the old
> master key could be used to decrypt _new_ data as well, at least
> until the master key is rotated.

2) zfs change-key does not create a new master key. It simply re-wraps the existing master key. The master keys are never rotated. The key rotation is done by using the master keys to generate new keys.

--
You received this bug notification because you are a member of Kernel Packages, which is subscribed to zfs-linux in Ubuntu.
https://bugs.launchpad.net/bugs/1857398

Title:
  ubiquity should support encryption by default with zfsroot, with users able to opt in to running change-key after install

Status in ubiquity package in Ubuntu:
  New
Status in zfs-linux package in Ubuntu:
  New

Bug description:
  zfs supports built-in encryption support, but the decision of whether a pool is encrypted or not must be made at pool creation time; it is possible to add encrypted datasets on top of an unencrypted pool but it is not possible to do an online change of a dataset (or a whole pool) to toggle encryption. We should therefore always install with encryption enabled on zfs systems, with a non-secret key by default, and allow the user to use 'zfs change-key -o keylocation=prompt' after install to take ownership of the encryption and upgrade the security.

  This is also the simplest way to allow users to avoid having to choose between the security of full-disk encryption, and the advanced filesystem features of zfs since it requires no additional UX work in ubiquity.

  We should make sure that https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1857040 is fixed first in the kernel so that enabling zfs encryption does not impose an unreasonable performance penalty.
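The wrap/re-wrap behaviour described in the answer to question 2, modelled as an added Python example (not OpenZFS code: OpenZFS wraps the master key with AES-GCM/CCM, while this model uses PBKDF2 plus an HMAC keystream as a stand-in, and every function name, passphrase and nonce below is constructed for illustration). It follows the installer flow from the bug description, a non-secret default key followed by a change-key, and shows why an un-overwritten old wrapped key still matters:

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
# Toy envelope-encryption model (constructed; not OpenZFS's implementation).
# Data is encrypted under a random master key; the master key is stored
# wrapped under a key-encryption key (KEK) derived from the passphrase.

def kdf(passphrase: bytes, salt: bytes) -> bytes:
    """Derive a 32-byte KEK from the passphrase (PBKDF2-HMAC-SHA256)."""
    return hashlib.pbkdf2_hmac("sha256", passphrase, salt, 100_000, 32)

def xor_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in cipher: XOR data with an HMAC counter-mode keystream."""
    stream = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), "sha256").digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

@dataclass
class WrappedKey:
    salt: bytes   # KDF salt for the passphrase
    nonce: bytes  # nonce used when wrapping
    blob: bytes   # master key encrypted under the KEK

def wrap(master_key: bytes, passphrase: bytes) -> WrappedKey:
    salt, nonce = os.urandom(16), os.urandom(16)
    return WrappedKey(salt, nonce, xor_crypt(kdf(passphrase, salt), nonce, master_key))

def unwrap(w: WrappedKey, passphrase: bytes) -> bytes:
    return xor_crypt(kdf(passphrase, w.salt), w.nonce, w.blob)

def change_key(w: WrappedKey, old_pass: bytes, new_pass: bytes) -> WrappedKey:
    """Model of 'zfs change-key': re-wrap the *same* master key under a new KEK."""
    return wrap(unwrap(w, old_pass), new_pass)

def demo() -> dict:
    """Installer-style flow: a known default passphrase, then change-key by the user."""
    master = os.urandom(32)
    default_pass, user_pass = b"non-secret-installer-key", b"correct horse battery"
    old_wrapped = wrap(master, default_pass)  # written by the installer
    new_wrapped = change_key(old_wrapped, default_pass, user_pass)
    # Data written after change-key is still encrypted under the unchanged master key.
    block = xor_crypt(master, b"block-nonce-0001", b"written after change-key")
    # If the old wrapped copy is not overwritten on disk, the known default passphrase
    # still unwraps the same master key, so the new data remains decryptable: the gap
    # the thread describes and the reason old wrapped keys must be overwritten.
    recovered = unwrap(old_wrapped, default_pass)
    return {
        "same_master_key": recovered == unwrap(new_wrapped, user_pass),
        "old_copy_decrypts_new_data":
            xor_crypt(recovered, b"block-nonce-0001", block) == b"written after change-key",
    }
```

Both flags in the returned dict are True, which is the point of the thread: change-key protects the wrapped copy it writes, not the master key itself or any earlier wrapped copies.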