Date: Sat, 28 Jan 2006 19:34:49 +0100 (CET)
From: Christian Baer <christian.baer@informatik.uni-dortmund.de>
To: freebsd-security@freebsd.org
Subject: Should I use gbde or geli?
Message-ID: <drgdg9$1klu$9@nermal.rz1.convenimus.net>
Hello out there, everybody!

I was actually expecting to find several (hundred) threads with this subject being discussed. To my surprise I didn't find a single one either on these mailing lists or in the newsgroups - at least not in a language I understand. :-)

I realize that gbde and geli are not designed to be better than the other but that both fit different needs and different tastes. Although I am studying computer science myself, I haven't really gotten to this kind of stuff yet, so simply listing the differences doesn't help too much.

For a friend of mine I am thinking up a fileserver for his own little company that contains *very* sensitive information (mainly stuff that is still in development or on the way of a patent or something like that). Attempts have been made to get at this data the "hard way". The only thing that hasn't happened so far is someone coming into the office with a gun and saying "Stick 'em up!". :-)

The main idea is to make the information absolutely useless if the computer itself is somehow stolen. For this reason I have thought up a few criteria (in no particular order):

1. The file system (or rather the encryption) itself must be as secure as possible. gbde uses 128bit AES with a different key for every sector, geli uses up to 256bit AES with the same key all the time. geli also supports blowfish. Which one of these approaches is more secure? geli is newer but that doesn't say much for itself.

2. Since swap and temp space can also contain sensitive information it seems reasonable to encrypt these. geli seems to do fine on this task, while I have read of problems doing this with gbde. Is this still true?

3. geli supports crypto(9) which is great. However, I did read that PHK had a version of gbde that also supported crypto(9) but didn't finish it because the performance didn't improve all that much. This message is now about 6 months old. Has any work been done on this since then? All this in mind, performance is not really of prime importance though.

4. In one of the presentations on gbde, PHK spoke about gbde being able to install a new pass-phrase without having to re-encode all the information on the drives[1]. Is this also true for geli?

5. The ideal protection would be to keep the server running[2] and have it connected to the alarm system, so when the alarm is tripped, the server destroys its master-keys and renders the information useless. In case this happens by mistake (false alarm) or the burglar leaves the computer alone for some reason, restoring this information would be very useful. I know this can be done with geli. Does gbde support something like this?

A further issue here is the destruction of the keys. AFAIK gbde wants the pass-phrase for this. This poses a problem since the alarm system doesn't have the pass-phrase and no one should be dumb enough to keep the pass-phrase on the server itself so this can work. But even if done manually, entering the pass-phrase could be a problem since a good pass-phrase tends to be long and consists of two parts. Basically speaking, there probably won't be enough time to stick in the USB-stick (something you have) and add the memorized part (something you know) if you have to nuke your files in a hurry. Is there a way around this with gbde?

After considering this, am I better off with gbde or geli? Have I missed anything in my little list?

Thanks and regards!

Chris

[1] A useful feature if the USB-Stick containing part of the pass-phrase were stolen.
[2] Which happens all the time anyway since often long calculations run overnight.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?drgdg9$1klu$9>