[prev in list] [next in list] [prev in thread] [next in thread] 

List:       qemu-devel
Subject:    Re: [Qemu-devel] Re: [PATCH] qemu-img: set encrypted disk image
From:       Laurent Vivier <laurent () lvivier ! info>
Date:       2008-07-30 21:41:01
Message-ID: 9CED4660-FF20-422E-B877-3C9FCE2F00D5 () lvivier ! info
[Download RAW message or body]


Le 30 juil. 08 à 22:18, nuitari-qemu@nuitari.net a écrit :

>> Qemu-img doesn't need a password when it creates the disk image  
>> because there is nothing to encrypt in an empty image and the  
>> password is never stored in it.
>
> Okay... this might be better documented.
>
> I somewhat expected that most of the meta data for an encrypted disk  
> would also be encrypted, maybe with the execption of a simple  
> signature at the start.

Meta-data are not encrypted, only data.

Meta-data cannot give any information about data, allowing someone to  
crack the key. So encrypting data is enough.

For instance, when you encrypt a file on ext3, you don't encrypt the  
filesystem metadata (like inode and block pointers). Meta-data of  
qcow2 are like meta-data of ext3.

Regards,
Laurent
----------------------- Laurent Vivier ----------------------
"The best way to predict the future is to invent it."
- Alan Kay








[prev in list] [next in list] [prev in thread] [next in thread]