Date: Fri, 14 Apr 2017 13:54:02 -0700 From: Conrad Meyer <cem@freebsd.org> To: Alan Somers <asomers@freebsd.org> Cc: Mark Johnston <markj@freebsd.org>, "src-committers@freebsd.org" <src-committers@freebsd.org>, "svn-src-all@freebsd.org" <svn-src-all@freebsd.org>, "svn-src-head@freebsd.org" <svn-src-head@freebsd.org> Subject: Re: svn commit: r316938 - head/sbin/savecore Message-ID: <CAG6CVpW-4Odr1UbvaVMnejn7P5XhQKLQt9g7HjV8wk6_XNikgg@mail.gmail.com> In-Reply-To: <CAOtMX2hGsdhSW29K0LMbewRunvYX2MXNepoYDvs3FNd5XA_jTQ@mail.gmail.com> References: <201704141941.v3EJfmCW003347@repo.freebsd.org> <CAOtMX2gPHWRGiE9UA5AevZz=cTv_qksAWX0H-xRjDEHp0huCVg@mail.gmail.com> <20170414202918.GD5039@wkstn-mjohnston.west.isilon.com> <CAOtMX2hGsdhSW29K0LMbewRunvYX2MXNepoYDvs3FNd5XA_jTQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Apr 14, 2017 at 1:41 PM, Alan Somers <asomers@freebsd.org> wrote: > On Fri, Apr 14, 2017 at 2:29 PM, Mark Johnston <markj@freebsd.org> wrote: >> I've been hesitant about pushing it forward: >> - The dump_write* APIs need some simplification after the addition of >> encrypted dump support and support for dumping to 4Kn drives. >> - I'm not sure how encryption should compose with compression. It seems >> intuitively obvious that we should compress before encrypting if the >> compression is to be of any use, but I don't know enough to know >> whether the compression might somehow compromise the effectiveness of >> the encryption. >> >> If anyone has some insight on the second of these two points, I'd >> appreciate hearing it. > > I think compress then encrypt should be ok. AFAIK all attacks against > compress-then-encrypt systems have involved either incredibly short > payloads that are easy to guess, or a stream of separately compressed > blocks that can be fingerprinted. But core dumps are very long, and > they can't be fingerprinted in whole because they're unique. If you > were to encrypt each page individually then pages could be > fingerprinted, so don't do that. Instead, compress the entire core > dump as a single stream and you should be ok. +1.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAG6CVpW-4Odr1UbvaVMnejn7P5XhQKLQt9g7HjV8wk6_XNikgg>