Mailinglist Archive: opensuse (3337 mails)

Re: [opensuse] cryptoloop
  • From: Henne Vogelsang <hvogel@xxxxxxxxxxxx>
  • Date: Fri, 21 Apr 2006 16:46:47 +0200
  • Message-id: <20060421144647.GP15857@xxxxxxxxxxxx>
Hi,

On Friday, April 21, 2006 at 15:58:13, Oliver Tennert wrote:
> On Friday, 21 April 2006 at 15:35, Henne Vogelsang wrote:
> >
> > > I understand that (Open)SUSE 10.1 is going to be the test arena for SLES
> > > 10, or am I wrong?
> >
> > You do. They are from the same codebase, yes, but SUSE Linux is no testbed
> > for SUSE Linux Enterprise 10!
>
>
> OK, I put it another way: the experience you get from SUSE 10.1 surely
> influences SLES development.

And the experience we get from SUSE Linux Enterprise 10 will surely
influence SUSE Linux development :) It's one codebase, so for us there is
no difference.

> > dm-crypt is far away from being the standard for encrypted filesystems.
>
> If you define "standard" to be the most deployed solution, then yes it is.
> cryptoloop surely is completely out.

I define standard to be the best working solution that exists.

> > It has the same problem with weak IV generation as cryptoloop. And ESSIV
> > is not very well analyzed yet (the things someone like David Wagner says
> > about it do not help either). It does not bring any significant
> > advantages over cryptoloop that justify the main problem we have with
> > making a switch. You have to provide an upgrade path. And with
> > enterprise products you have to provide an upgrade path for several
> > years (read 7). This means that the more often you switch the
> > implementation the more scenarios you have to cover in your upgrade path
> > and the likelier you will fail to provide one. [1]
>
> I do not understand that: surely you need an upgrade path when you break
> compatibility. But if you don't then the upgrade path is as trivial as it is
> when switching to cryptoloop.

The switch to cryptoloop in 9.2 was far from being trivial, as I noted.
The same happens if we migrate now to dm-crypt and what comes after
dm-crypt? There are already other implementations "in the pipe"
(CryptFS, NCryptFS, Reiserfs4 with crypto module, acrypto, etc.). As I
pointed out this is something we have to seriously consider given the
timeframes of an enterprise product.

> The advantage you get however if you switch to dm-crypt is: actively
> maintained code plus additional features and enhanced security.

In reality dm-crypt is as maintained as cryptoloop and the enhanced
security is not very well analyzed.

> > So in short, simply because it's new and everybody else uses it, it's
> > not better in any way.
>
> First: dm-crypt is not new, but intree since 2.6.4. Second: switching
> to something obsolete and unmaintained surely is wrong.

Hm, maybe we weren't clear on this. The switch already happened with SUSE
Linux 9.2 (and afair also in some SLES9 service pack). It is not
happening now. It's mentioned in the release notes of SLES10 because
that's the first SLES version since SLES9 that uses cryptoloop as
default. Switching in CODE10 products (SL10, SLES10) would mean another
switch.

Henne

--
Henne Vogelsang, Core Services
"Rules change. The Game remains the same."
- Omar (The Wire)
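The two IV schemes at issue in this thread, cryptoloop's plain sector-number IV and dm-crypt's ESSIV, written out as an added example that is not part of the original mail; the volume keys are constructed sample values, and the ESSIV variant shown is the essiv:sha256 form (salt key = SHA-256 of the volume key, same cipher as the data cipher):

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// plainIV is the IV scheme of cryptoloop and of dm-crypt's "plain" mode: the
// 64-bit little-endian sector number, zero-padded to the cipher block size.
// It is the same for every key, so anyone can predict it without the key.
func plainIV(sector uint64, blockSize int) []byte {
	iv := make([]byte, blockSize)
	binary.LittleEndian.PutUint64(iv, sector)
	return iv
}

// essivIV is dm-crypt's essiv:sha256 mode: the plain IV is encrypted under a
// salt key derived by hashing the volume key, so the IV depends on the key.
func essivIV(key []byte, sector uint64) ([]byte, error) {
	salt := sha256.Sum256(key)
	c, err := aes.NewCipher(salt[:]) // 32-byte salt selects AES-256
	if err != nil {
		return nil, err
	}
	iv := make([]byte, c.BlockSize())
	c.Encrypt(iv, plainIV(sector, c.BlockSize()))
	return iv, nil
}

func main() {
	keyA := bytes.Repeat([]byte{0x42}, 16) // constructed sample volume keys
	keyB := bytes.Repeat([]byte{0x43}, 16)
	for _, s := range []uint64{0, 1} {
		a, _ := essivIV(keyA, s)
		b, _ := essivIV(keyB, s)
		fmt.Printf("sector %d plain=%x essivA=%x essivB=%x\n", s, plainIV(s, 16), a, b)
	}
}
```

Running it shows the plain IV changing only in its first byte between sectors 0 and 1 while both ESSIV values differ per key, which is the property the quoted paragraph disputes.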
