Re: Idea: Encryption plugin architecture for file-systems

Dale Amon (amon@vnl.com)
Tue, 24 Apr 2001 17:08:12 +0100


On Mon, Apr 23, 2001 at 09:54:34PM -0500, David L. Nicol wrote:
> why not port one of the twenty or thirty preexisting tools
> that let you mount a filesystem from an encrypted file instead
> of making a generic layer? That way you could have inter-os
> portability. The steganographic ones make really impressive
> claims.

I'm doing an 18GB raid file system. The standard loopback is
working fine. What I am unsure of is the bobustness against lost
blocks when running "on the metal" vs interposing another file
system layer.

I suspect the answer is that each block is individually encrypted,
so that the worst case data loss is the same; that an ext2 on
top of an encrypted partition would be no worse off than the
same file system without the interposed layer. Both would find
a bad block and do their best.

But my knowledge of how the loopbacks are structured is not
good enough for me to say this with confidence. That's why
I'm asking here: in hopes that someone who really does know
can say something about the worst case data loses.

-- 
------------------------------------------------------
Use Linux: A computer        Dale Amon, CEO/MD
is a terrible thing          Village Networking Ltd
to waste.                    Belfast, Northern Ireland
------------------------------------------------------
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/