On Wed, Feb 19, 2003 at 03:44:14PM +0000, David Woodhouse wrote:
> On Wed, 2003-02-19 at 15:35, Erik Mouw wrote:
> > File level encryption gives an attacker information about the files on
> > your system.
> > 
> > Suppose I can get hold of your disk and I want to know if you are
> > subscribed to linux-kernel. I just mount the disk, and if I find a file
> > called "dwmw2/Mail/linux-kernel", it gives me a large hint you are
> > indeed subscribed. No, I can't decrypt the file, but that wasn't my
> > purpose. I do however know the file metadata, like the filename, the
> > owner, modification time, length, etc.
> 
> Not if the metadata were encrypted too.

But I still can see where the metadata lives on the disk, which gives
me a hint what kind of filesystem you are using. The more information,
the easier the attack.

> You speak only of block-level encryption and of file-level (i.e.
> application-based) encryption. But don't forget that there's a layer
> _between_ the applications and the block device. :)
> 
> My question was what's wrong with doing encryption in the file system?

If you want to encrypt files, you have to do it right. Any information
can lead to a possible compromise of the system, so the best is to hide
everything, which can only be done by block level encryption.


Erik

-- 
J.A.K. (Erik) Mouw
Email: J.A.K.Mouw@its.tudelft.nl  mouw@nl.linux.org