[dm-crypt] Status of trim for SSds?

Philipp Wendler ml at philippwendler.de
Thu Jul 14 19:14:18 CEST 2011


Am 14.07.2011 18:52, schrieb Milan Broz:

> But if you fill disk by random and someone later run fstrim while
> device was mounted, it will uncover various patterns there. This is new problem.
> I am almost sure that filesystem type could be detected from ciphertext device
> by using non-discarded block pattern analysis. What else depends on situation.

I agree on that. But then again, just guessing the filesystem would
probably be easier (I guess that most people use ext3/4).
And you could even look at the content of the initrd to see which
filesystem is used for /, for example.

I was thinking that perhaps you can guess some of the metadata of the
filesystem (free-block list etc.), but as far as I known there are no
relevant known-plaintext attacks on AES, so I'd be willing to take that

> If you have some analysis what is possible to recover, please post it to the list,
> it could be very interesting.

No, unfortunately I have never heard of such an analysis, that's why I
was asking.

Greetings, Philipp

More information about the dm-crypt mailing list