[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH v2] Describe flaws in qcow/qcow2 encryption in t
From: |
Daniel P. Berrange |
Subject: |
Re: [Qemu-devel] [PATCH v2] Describe flaws in qcow/qcow2 encryption in the docs |
Date: |
Wed, 22 Jan 2014 15:48:19 +0000 |
User-agent: |
Mutt/1.5.21 (2010-09-15) |
On Wed, Jan 22, 2014 at 08:24:00AM -0700, Eric Blake wrote:
> On 01/22/2014 05:28 AM, Daniel P. Berrange wrote:
>
> >
> > Recommend against any use of QCow/QCow2 encryption, directing
> > users to dm-crypt / LUKS which can meet modern cryptography
> > best practices.
> >
> > Signed-off-by: Daniel P. Berrange <address@hidden>
> > ---
> > qemu-doc.texi | 23 ++++++++++++++++++++---
> > qemu-img.texi | 23 ++++++++++++++++++++---
> > 2 files changed, 40 insertions(+), 6 deletions(-)
>
> > +
> > address@hidden @minus
> > address@hidden The AES-CBC cipher is used with predictable initialization
> > vectors based
> > +on the sector number. This makes it vulnerable to chosen plaintext attacks
> > +which can reveal the existence of encrypted data.
> > address@hidden The user passphrase is directly used as the encryption key.
> > A poorly
> > +choosen or short passphrase will compromise the security of the encryption.
>
> s/choosen/chosen/ (both files)
>
> > +In the event of the passphrase being compromised there is no way to change
>
> and still my question whether this deserves a third @item.
I was considering this to be a result of using the passphrase as the
key. It does however read better if split out, so I've made that change.
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|