On 03/01/15 23:17, Ted Unangst wrote:
> Peter J. Philipp wrote:
>> Hi,
>>
>> I am not the best C reader and programmer out there so I try to make
>> myself tools that may seem useless in order to better understand. I see
>> this in /sys/dev/softraid_crypto.c
>>
>> ----
>> int
>> sr_crypto_encrypt(u_char *p, u_char *c, u_char *key, size_t size, int alg)
>> {
>> rijndael_ctx ctx;
>> int i, rv = 1;
>>
>> switch (alg) {
>> case SR_CRYPTOM_AES_ECB_256:
>
> This function is only used to encrypt the master key, which is a small chunk
> of random data.
>
Thanks for taking a look Tedu, I really appreciate it. I'm wondering
does this master key use salt to protect against rainbow tables? At a
glance at the code I see not mention of salt.
>> dd if=/dev/zero of=EFS2 bs=1g count=1
>> vnconfig vnd0 EFS2
>> bioctl -c C -l /dev/vnd0a softraid0
>>
>> And I created a filesystem on it and populated it. In fact I use this
>> EFS2 file for storing work related things in it (so I can never share
>> it). I ran this program over the EFS2 file:
>
>> so it says that there is 652063 occurences where AES blocks were
>> duplicated, to me that's near 10 MB of material someone can use like the
>> above [1] where it says it could describe the data pattern.
>
> It seems more likely you found the 652063 zero blocks that haven't been
> written to yet.
>
> Note that if you are concerned about people doing stat analysis on your
> encrypted disk, you should be sure to overwrite the entirety of it. Either
> with /dev/random on the outside, or /dev/zero on the inside, to ensure the
> used and unused portions look the same.
>
That's good advice I'll try to fill up the space inside with a file and
see if the number of those blocks goes down. It isn't all zero blocks
but the majority of it could be.
Cheers,
-peter
