[nycbug-talk] Re: Roland Dowdeswell interview on CGD

Johnny Lam jlam
Fri Dec 23 12:01:10 EST 2005


George R. wrote:
> Ray Lai wrote:
>>
>> I've always wondered how gracefully encrypted disks handled crashes.
>> Does anyone have any experience?  I've used the encrypted disk image
>> for qemu before, but a crash ren
> 
> 
> Excellent point Ray. . .  encryption, particularly disk level (which CGD 
> is not), may raise some issues of data integrity in the event of crashes.
> 
> Roland, why don't you speak to this, even though CGD is file-based, right?

No, CGD is not file-based -- it works at the block-level.  It provides a 
pseudo-disk that can be partitioned, disklabeled, and newfs'ed like any 
other disk.  I consider this a strength since it foils meta-data 
attacks, e.g. looking at directory structures to glean information about 
the likely contents of files.  IIRC, because CGD works block-by-block 
and because of the "write atomicity" that Roland talks about in the 
interview, losing power when using CGDs is no different than losing 
power with normal disks -- you just lose whatever has failed to write to 
the disk, but it doesn't affect the existing data on the CGD pseudo-disk.

Incidentally, I use the 2-factor authentication scheme that Roland talks 
about in the paper.  It works like a charm with CGD on my laptop to 
protect sensitive data.

	Cheers,

	-- Johnny Lam <jlam at pkgsrc.org>
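
The block-by-block behaviour described in the message above, as an added illustration (not part of the original post, and not CGD code). `PseudoDisk`, `_crypt` and `crash_demo` are hypothetical names, the 512-byte sector size and atomic per-sector writes are assumptions of the model, and the cipher is a toy stand-in rather than the one CGD uses.

```python
import hashlib
import hmac

SECTOR = 512  # bytes per sector (assumed size for this model)

def _crypt(key: bytes, sector_no: int, data: bytes) -> bytes:
    """Toy per-sector cipher: XOR with an HMAC-SHA256 keystream bound to the
    sector number. Stand-in only; it is not CGD's cipher and, because the
    keystream repeats on every rewrite of a sector, not safe for real use."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        msg = sector_no.to_bytes(8, "big") + counter.to_bytes(4, "big")
        stream += hmac.new(key, msg, hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

class PseudoDisk:
    """Hypothetical model of an encrypting pseudo-disk over a backing store."""

    def __init__(self, key: bytes, nsectors: int):
        self.key = key
        self.backing = [_crypt(key, n, bytes(SECTOR)) for n in range(nsectors)]

    def write(self, start: int, data: bytes, power_fails_after=None) -> int:
        """Encrypt and store sector by sector; stop early to model power loss.
        Each sector write is assumed atomic. Returns sectors that reached disk."""
        chunks = [data[i:i + SECTOR] for i in range(0, len(data), SECTOR)]
        for done, chunk in enumerate(chunks):
            if power_fails_after is not None and done >= power_fails_after:
                return done
            sector_no = start + done
            padded = chunk.ljust(SECTOR, b"\0")
            self.backing[sector_no] = _crypt(self.key, sector_no, padded)
        return len(chunks)

    def read(self, sector_no: int) -> bytes:
        return _crypt(self.key, sector_no, self.backing[sector_no])

def crash_demo() -> list:
    """Fill 4 sectors with 'A', then lose power 1 sector into a 3-sector rewrite."""
    disk = PseudoDisk(b"constructed demo key", 4)
    disk.write(0, b"".join(bytes([c]) * SECTOR for c in b"AAAA"))
    disk.write(1, b"".join(bytes([c]) * SECTOR for c in b"BBB"), power_fails_after=1)
    return [disk.read(n)[:1].decode() for n in range(4)]

if __name__ == "__main__":
    print(crash_demo())
```

Because each sector's ciphertext depends only on the key and that sector's number, the sectors the interrupted write never reached still decrypt to their previous contents.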



