And without any of those things, there’s no way to provide cryptographic authentication in any of the common ways we know how to provide it. There’s simply no room to store IVs, nonces, counters, or authentication tags. The last two constraints mean that the ciphertext must be the exact same size as the plaintext. (This goes doubly so if encryption is applied after operating system installation - there may not be space to steal!) Stealing significant amounts of space for ‘overhead’ is not feasible. People expect hard disks to provide roughly the amount of advertised space.You really need to avoid updating multiple sectors for a single write - if power is lost during the operation, the inconsistencies will not be able to be resolved easily, if at all.It must support random read and write access - any sector may be read at any time, and any sector may be updated at any time.Essentially, if the crypto happens slower than the disk read speed (said another way, if the CPU is a bottleneck) - your solution is untenable to the mass market Disk Encryption must be really, really fast.That sounds depressing, but it’s pretty accurate - trying to encrypt an entire hard drive is riddled with constraints. Disk Encryption is “a litany of difficult tradeoffs and messy compromises” as our good friend and mentor Tom Ptacek put it in his blog post.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |