Hi. Few months ago I started work on another (besides GBDE) disk encryption GEOM class. To don't confuse users I'll say it here and now: GELI is different than GBDE. It offers different features, but it also use different scheme for doing crypto work. It doesn't mean GBDE is broken! It doesn't mean GBDE should not be used anymore (I still use it by myself)! It is different and user should decide which one fits better his needs. Anyway. Below is the list of most important features offered by geli(8): - Utilize the crypto(9) framework, so when there is a crypto hardware available, geli(8) will make use of it automatically. If cryptography needs to be done in software, a dedicated kernel thread(s) will be started to do the crypto work in there. - Supports many cryptographic algorithms (currently AES, Blowfish and 3DES). - Can create a key from a couple of components (user entered passphrase, random bits from a file, etc.). - Allows to encrypt root partition - user will be asked for the passphrase before root file system is mounted. - User's passphrase is strengthen with: B. Kaliski, PKCS #5: Password-Based Cryptography Specification, Version 2.0., RFC, 2898. - Allows to use two independent keys (e.g. "user key" and "company key"). - It is fast - geli performs simple sector-to-sector encryption. - Allows to backup/restore Master Keys, so when user have to quickly destroy keys, it is able to get the data back by restoring keys from the backup. - Provider can be configured to automatically detach on last close (so user don't have to remember to detach provider after unmounting file system). - Allows to attach provider with a random, one-time keys - useful for swap partitions and temporary file systems. - Allows to automatically detach provider on last close. - Allows to overwrites on-disk keys with random data (when destroying them). One can define how many times. - You can define number of threads which are going to do software crypto work (useful for SMP systems). Things you need to know about geli(8). GELI (simlar to GBDE) offers privacy only - there is no data integrity verification, so when your disk/laptop will be stolen your data should be safe, but if someone can modify your encrypted data behind your back, geli is not going to detect these changes. GELI uses block-unique IVs, which means, every data block (sector) has a unique IV, which will not be changed when new data is written to the disk. This means, that if someone can sniff your disk traffic somehow or is able to get snapshots from your disk you could not be safe. IVs used by GELI are secret, which should help here a bit, but you still need to be careful. GELI uses one key to encrypt all the data, so when you have multi-terabyte storage, you should probably use AES-256 - AES-128 could not be enough. You have been warned. Enjoy! PS. GELI was sponsored by Wheel Sp. z o.o. (http://www.wheel.pl). -- Pawel Jakub Dawidek http://www.wheel.pl pjd_at_FreeBSD.org http://www.FreeBSD.org FreeBSD committer Am I Evil? Yes, I Am!
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:40 UTC