On Thu, Apr 26, 2012 at 4:04 AM, Darren J Moffat <darren.mof...@oracle.com> wrote:
> On 04/26/12 04:52, Nico Williams wrote:
>> You'd have to ask Darren, but IIRC the design he settled on allows for
>> unkeyed integrity verification and repair.
>
> Yes it is. That was a fundamental requirement of adding encryption to ZFS.
> We could not assume that the keys for all blocks in all datasets were
> available at all times.
>
> Yet we have to be able to do resilvering due to individual block repair
> (which is actually a copy on write operation) or whole disk
> addition/replacement at any time.

Right, and since blkptr_t's are stored in indirect blocks and dnodes and so on, and since you want to be able to resilver without having keys, that means that the blkptr_t's have to be in the clear, which does leak some information, namely file and dataset size in blocks (and block size). Right?

Nico
--
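
The trade-off discussed in this thread, as an added example that is not part of the original messages and is not ZFS code: a simplified model in which a cleartext block pointer carries a checksum over the ciphertext, so a mirror can be repaired without any key while the pointers still reveal block counts and sizes. `BlockPointer`, `resilver` and the other names are hypothetical, and random bytes stand in for encrypted blocks.

```python
import hashlib
import os
from dataclasses import dataclass

@dataclass
class BlockPointer:
    """Cleartext pointer (hypothetical, far simpler than a real blkptr_t)."""
    size: int        # readable by anyone who can read the pool
    checksum: bytes  # SHA-256 over the ciphertext, so no key is needed

def make_pointer(ciphertext: bytes) -> BlockPointer:
    return BlockPointer(len(ciphertext), hashlib.sha256(ciphertext).digest())

def verify(ptr: BlockPointer, copy: bytes) -> bool:
    """Unkeyed integrity check: compares ciphertext against the pointer."""
    return (len(copy) == ptr.size
            and hashlib.sha256(copy).digest() == ptr.checksum)

def resilver(ptr: BlockPointer, mirror: list) -> list:
    """Overwrite damaged copies with an intact one; return repaired indexes."""
    good = next((c for c in mirror if verify(ptr, c)), None)
    if good is None:
        raise ValueError("no intact copy left to repair from")
    repaired = []
    for i, copy in enumerate(mirror):
        if not verify(ptr, copy):
            mirror[i] = good
            repaired.append(i)
    return repaired

def visible_metadata(pointers: list) -> dict:
    """What an observer without keys learns from the cleartext pointers."""
    return {"blocks": len(pointers), "bytes": sum(p.size for p in pointers)}

def demo():
    # Constructed sample: three 4 KiB "encrypted" blocks of one file.
    blocks = [os.urandom(4096) for _ in range(3)]
    pointers = [make_pointer(b) for b in blocks]
    # Two-way mirror of block 1, with a single bit flipped in the first copy.
    mirror = [bytes([blocks[1][0] ^ 1]) + blocks[1][1:], blocks[1]]
    repaired = resilver(pointers[1], mirror)
    intact = all(verify(pointers[1], c) for c in mirror)
    return repaired, intact, visible_metadata(pointers)

if __name__ == "__main__":
    print(demo())
```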