I put these questions to Tom Caputi, who wrote the ZFS encryption. The quoted text below is what I asked him, and the unquoted text is his response:
> 1. Does ZFS rewrite the wrapped/encrypted master key in place? If > not, the old master key could be retrieved off disk, decrypted > with the known passphrase, and used to decrypt at least > _existing_ data. 1) No. This is definitely an attack vector (although a very minor one). At the time we had said that we would revisit the idea of overwriting old keys when TRIM was added. That was several years ago and TRIM is now in. I will talk to Brian about it after I am back from the holiday. > 2. Does a "zfs change-key" create a new master key? If not, the old > master key could be used to decrypt _new_ data as well, at least > until the master key is rotated. 2) zfs change-key does not create a new master key. It simply re-wraps the existing master key. The master keys are never rotated. The key rotation is done by using the master keys to generate new keys. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1857398 Title: ubiquity should support encryption by default with zfsroot, with users able to opt in to running change-key after install To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1857398/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
