[dm-crypt] Encrypted Raid1 or Raid 1 of encrypted devices?
eocsor at gmail.com
Thu Jul 14 13:41:58 CEST 2011
On Thu, Jul 14, 2011 at 9:01 PM, Arno Wagner <arno at wagner.name> wrote:
> I thing your risk model is wrong. Basically it covers attacks
> were the attacker has access to only the storage and at the same
> time can actually do something serious with data manipulation.
> That is a rather unlikely scenario for disk encryption. Note that
> for communication encryption, this is a real and valid scenario.
Given the prevalence of of iSCSI, FC and similar, I wouldn't say it's
all that unlikely.
I for one would quite like assurances that network block device
providers couldn't impact my security. But, I imagine I'll have to
wait a while longer...
More information about the dm-crypt