Date: Tue, 22 Aug 2017 23:33:51 +0800
From: Anand Jain <anand.jain@...cle.com>
To: Eric Biggers <ebiggers3@...il.com>
Cc: linux-fscrypt@...r.kernel.org, linux-doc@...r.kernel.org,
    linux-fsdevel@...r.kernel.org, linux-ext4@...r.kernel.org,
    "Theodore Y . Ts'o" <tytso@....edu>, Jaegeuk Kim <jaegeuk@...nel.org>,
    Richard Weinberger <richard@....at>, Michael Halcrow <mhalcrow@...gle.com>,
    Eric Biggers <ebiggers@...gle.com>
Subject: Re: [PATCH] fscrypt: add a documentation file for filesystem-level encryption

On 08/22/2017 10:55 AM, Eric Biggers wrote:
> On Tue, Aug 22, 2017 at 10:22:30AM +0800, Anand Jain wrote:
>>
>> Hi Eric,
>>
>> How about a section on the threat model specific to the file-name ?
>>
>> (Sorry if I am missing something).
>>
>> Thanks, Anand
>
> It's already mentioned that filenames are encrypted: "fscrypt protects the
> confidentiality of file contents and filenames in the event of a single
> point-in-time permanent offline compromise of the block device content."
> There's not much more to it than that; all the other points in the "Threat
> model" section (offline manipulations, timing attacks, access control, key
> eviction, etc.) are essentially the same between contents and filenames
> encryption.

Do you think if application does not keep the sensitive information in
the file-name, would that remove the file-name from the list of items
that should be protected ?

Thanks, Anand