Comments (7)
danmcd
commented on August 10, 2024
You have an HMAC but only over the first N bytes to reject bad keys. Using a cipher without some sort of packet integrity may enable self-healing block-splicing attacks. Now ChaCha20 isn't CBC, it's CTR, BUT even CTR-mode ciphers need some sort of integrity protection. In SSL, ChaCha20 is paired with Poly1305. Poly1305 has ChaCha20 properties, as it comes from DJB as well.
from rfd.
bcantrill
commented on August 10, 2024
Is the concern that the dump might be tampered with? We're definitely not trying to make the dump tamperproof -- we're trying to prevent it from being seen in cleartext by the attacker.
from rfd.
rmustacc
commented on August 10, 2024
Thanks for putting this together, in general, it all looks good. I agree
that the treat vector that we're worried about isn't the dump on the
dump device being rewritten right now, but one of just the security of
the data. If someone else has maliciously changed the dump device
contents, that seems much more problematic. However, we do have the
algorithm version in the header, so that allows us to deal with that as
necessary.
One question that I have is do we have to have it be the case that if we
have an older dump header version we can't compress this? It seems like
if we have systems that are in that case, rather than have to find the
old savecore, the new savecore could know how to handle the differences
between the two versions as they don't seem that big. While it does
complicate the userland implementation, it shouldn't impact the actual
dump path.
from rfd.
danmcd
commented on August 10, 2024
If tamper-proofing is not a concern, that needs to be documented as such. Others will notice encryption-with-no-integrity and get their reflexes triggered. Please be ready to address it. I may even be missing reasons why it's important beyond tamper-resistance, but I'm pretty sure you don't have to worry about it for tampering reasons (at least in the short-and-medium-term).
from rfd.
rzezeski
commented on August 10, 2024
(there is currently no way to disable dump encryption once enabled).
I don't follow this sentence. If I enable encrypted dump on my machine with dumpadm -k ..., I can never disable it in the future? I understand that once a particular core is encrypted the only way I'm reading it is by decrypting it with the correct key; but it seems you are saying that once you enable encrypted dump on a box there is no going back. That is, I can't later disable encrypted dump for future crashes. If that's the case, I don't understand the reasoning.
Also, what about changing the key? I imagine you can just rerun dumpadm -k? If so, might want to call that out explicitly.
from rfd.
bcantrill
commented on August 10, 2024
I have updated the RFD to address @danmcd's concerns (calling out that this is not to prevent tampering) as well as to change the implementation to allow for spontaneous upgrades.
from rfd.
bcantrill
commented on August 10, 2024
@rzezeski: There is no way to disable encryption without rebooting -- I'll clarify both the RFD and the docs.
from rfd.
Related Issues (20)
- RFD 156: SmartOS/Triton Boot Modernization HOT 24
- RFD 150 Operationalizing Prometheus discussion HOT 20
- Discussion for RFD 158 HOT 14
- RFD 117: Discussion HOT 2
- RFD 159 Discussion HOT 4
- RFD 160 Discussion: CloudWatch-like Metrics for Manta HOT 1
- RFD 163 Cloud Firewall Logging discussion HOT 13
- RFD 164 Open Source Policy HOT 4
- RFD 165 Discussion HOT 8
- RFD 166 Improving phy Management
- RFD 168 Bootstrapping a Manta Buckets deployment HOT 5
- RFD 170 Manta Picker Component HOT 11
- RFD 171 Discussion!!! 🎉 HOT 32
- RFD 172 CNS Aggregation Discussion HOT 10
- RFD 174 Manta storage efficiency discussion HOT 46
- RFD 175 SmartOS integration process changes discussion HOT 27
- RFD 176: discussion HOT 5
- RFD 181: Improving Manta Storage Unit Cost (MinIO) Discussion HOT 3
- RFD 182: Altering system pool detection in SmartOS/Triton
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rfd.