On Tue, Aug 21, 2018 at 20:22 Alan Somers <asom...@freebsd.org> wrote:
> On Tue, Aug 21, 2018 at 9:13 PM Sean Fagan <s...@ixsystems.com> wrote: > >> On Aug 21, 2018, at 8:11 PM, Alan Somers <asom...@freebsd.org> wrote: >> > The last time I looked (which was a long time ago), Oracle's ZFS >> encryption looked extremely vulnerable to watermarking attacks. Did >> anybody ever fix that? >> >> This isn’t Oracle’s implementation, but I don’t know how compatible or >> not it is with it. >> >> Sean. >> > > It wasn't just an implementation problem, it was in the design. IIRC, > Oracle's encryption allowed encrypted blocks to be deduplicated. There's > pretty much no way to defend against watermarking attacks with such a > design. Does the new encryption design have the same flaw? > I would ask the original developer that question (see the commit I linked to). The current dedup Implementation is terrible, so there are very few users of it. -M > > -Alan > _______________________________________________ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"