On Thu, Apr 26, 2012 at 11:06 AM, Darren J Moffat <darren.mof...@oracle.com> wrote: > The over all dataset size in blocks yes that information is effectively in > the clear. > > However I don't think there is anyway to calculate a file size from the > information in the blkptr_t. Since even though the DMU object type and both > logical and physical size are in the blkptr_t I don't see how you easily > work out the size of any given file since the file names are encrypted. I > don't think you can even calculate how many files there are.
Yes, I know filenames are encrypted, and so is the directory tree structure. But object size in blocks does leak. That's not a big deal to me, but I can think of situations where that might actually matter. Imagine a person has his laptop confiscated at the border under suspicion of espionage, and though the person does not divulge their passwords the forensics analysts are able to demonstrate that some files on the laptop suspiciously match the size (in blocks, possibly compressed blocks) of the documents the person is thought to have stolen -- strong evidence at trial? Hard to say, but ZFS encryption is not intended to protect against such attacks. Nico -- _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
