lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Tue, 10 Apr 2012 11:05:34 -0500
From:	Tyler Hicks <tyhicks@...onical.com>
To:	Li Wang <liwang@...t.edu.cn>
Cc:	dustin.kirkland@...zang.com, torvalds@...ux-foundation.org,
	akpm@...ux-foundation.org, linux-kernel@...r.kernel.org,
	ecryptfs@...r.kernel.org, linux-fsdevel@...r.kernel.org
Subject: Re: [RFC] eCryptfs file system with HMAC verification

On 2012-04-10 21:26:58, Li Wang wrote:
> Hi,
>   we have implemented a prototype, which equips eCryptfs with HMAC verification,
> based on the kernel crypto API. This enables eCryptfs to detect unauthorized (cipher) 
> data modification and unexpected data corruption. And the preliminary experiments 
> demonstrate the decrease in throughput is modest. As a file system highlighting security,
> we think it should be useful.
>   Any comments/suggestions are welcome.

Hi Li - the paragraph above does not give me much to comment on but what
I can say is that an HMAC patch for eCryptfs was written years ago.
Unfortunately, it seems to have been lost. I don't think that the patch
was ever sent to a list but it lived in the project's old sourceforge
site for a long time.

The maintainer of eCryptfs at that time was also the original author of
eCryptfs, Mike Halcrow, and he opted to not merge the HMAC patch in
favor of using GCM for integrity protection. The HMAC patch was at least
his own design and maybe his own code (I can't quite remember), so he
wasn't negatively biased when deciding that GCM would be a better fit.
Here's a reference, although it isn't the actual patch review:

http://www.mail-archive.com/ecryptfs-users@lists.sourceforge.net/msg00271.html

You can find more about Mike's HMAC design in the design doc located the
ecryptfs-utils source tree.

So, the best way to proceed is probably to ask if you've given GCM any
consideration?

Tyler

Download attachment "signature.asc" of type "application/pgp-signature" (837 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ