[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Status of trim for SSds?



Hi,

Am 14.07.2011 18:52, schrieb Milan Broz:

> But if you fill disk by random and someone later run fstrim while
> device was mounted, it will uncover various patterns there. This is new problem.
> 
> I am almost sure that filesystem type could be detected from ciphertext device
> by using non-discarded block pattern analysis. What else depends on situation.

I agree on that. But then again, just guessing the filesystem would
probably be easier (I guess that most people use ext3/4).
And you could even look at the content of the initrd to see which
filesystem is used for /, for example.

I was thinking that perhaps you can guess some of the metadata of the
filesystem (free-block list etc.), but as far as I known there are no
relevant known-plaintext attacks on AES, so I'd be willing to take that
risk.

> If you have some analysis what is possible to recover, please post it to the list,
> it could be very interesting.

No, unfortunately I have never heard of such an analysis, that's why I
was asking.

Greetings, Philipp
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt


[DM Devel]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

Add to Google Powered by Linux