On Monday 02 March 2015, Peter J. Philipp wrote:
> On 03/01/15 23:17, Ted Unangst wrote:
> > Peter J. Philipp wrote:
> >> Hi,
> >>
> >> I am not the best C reader and programmer out there so I try to make
> >> myself tools that may seem useless in order to better understand. I see
> >> this in /sys/dev/softraid_crypto.c
> >>
> >> ----
> >> int
> >> sr_crypto_encrypt(u_char *p, u_char *c, u_char *key, size_t size, int
> >> alg) {
> >> rijndael_ctx ctx;
> >> int i, rv = 1;
> >>
> >> switch (alg) {
> >> case SR_CRYPTOM_AES_ECB_256:
> >
> > This function is only used to encrypt the master key, which is a small
> > chunk of random data.
>
> Thanks for taking a look Tedu, I really appreciate it. I'm wondering
> does this master key use salt to protect against rainbow tables? At a
> glance at the code I see not mention of salt.
I would strongly suggest that you follow the entire path through, rather than
reading small pieces of code and guessing as to how the rest of the code may
be implemented. In other words, you might want to undertake some research and
see if you can answer the following questions (the questions that you are
asking will likely be answered in the process):
- What encryption algorithm/mode is used for disk block encryption?
- Where do the keys come from that are used for the disk block
encryption/decryption?
- How are the keys that are used to encrypt the disk blocks stored?
- When creating a new softraid crypto volume, where does the key come from?
- What happens if you use a keydisk instead of a passphrase?
> >> dd if=/dev/zero of=EFS2 bs=1g count=1
> >> vnconfig vnd0 EFS2
> >> bioctl -c C -l /dev/vnd0a softraid0
> >>
> >> And I created a filesystem on it and populated it. In fact I use this
> >> EFS2 file for storing work related things in it (so I can never share
> >> it). I ran this program over the EFS2 file:
> >>
> >> so it says that there is 652063 occurences where AES blocks were
> >> duplicated, to me that's near 10 MB of material someone can use like the
> >> above [1] where it says it could describe the data pattern.
> >
> > It seems more likely you found the 652063 zero blocks that haven't been
> > written to yet.
> >
> > Note that if you are concerned about people doing stat analysis on your
> > encrypted disk, you should be sure to overwrite the entirety of it.
> > Either with /dev/random on the outside, or /dev/zero on the inside, to
> > ensure the used and unused portions look the same.
>
> That's good advice I'll try to fill up the space inside with a file and
> see if the number of those blocks goes down. It isn't all zero blocks
> but the majority of it could be.
By design softraid does not scrub or overwrite what is on the underlying disk
chunks until such time as you actually write data to the softraid volume. As
Ted noted, you will need to fill the disk chunks (or softraid volume)
yourself if you want to guarantee such a state.
--
"Action without study is fatal. Study without action is futile."
-- Mary Ritter Beard
