Solene Rapenne: > When using a bioctl crypto softraid, as blocks are encrypted > on the disk, does it mean the system can detect if disk has > been altered when reading a block?
No. Crypto softraid uses AES-XTS, which does not include any sort of integrity or authentication check. (This would require a significant change to the storage layout: Where would the checksums go?) Malleability is limited: Flipping a bit in the encrypted data will randomize a 16-byte chunk in the decrypted data. -- Christian "naddy" Weisgerber [email protected]
