[prev in list] [next in list] [prev in thread] [next in thread]
List: qemu-devel
Subject: Re: [Qemu-devel] Re: [PATCH] qemu-img: set encrypted disk image
From: Laurent Vivier <laurent () lvivier ! info>
Date: 2008-07-30 21:41:01
Message-ID: 9CED4660-FF20-422E-B877-3C9FCE2F00D5 () lvivier ! info
[Download RAW message or body]
Le 30 juil. 08 à 22:18, nuitari-qemu@nuitari.net a écrit :
>> Qemu-img doesn't need a password when it creates the disk image
>> because there is nothing to encrypt in an empty image and the
>> password is never stored in it.
>
> Okay... this might be better documented.
>
> I somewhat expected that most of the meta data for an encrypted disk
> would also be encrypted, maybe with the execption of a simple
> signature at the start.
Meta-data are not encrypted, only data.
Meta-data cannot give any information about data, allowing someone to
crack the key. So encrypting data is enough.
For instance, when you encrypt a file on ext3, you don't encrypt the
filesystem metadata (like inode and block pointers). Meta-data of
qcow2 are like meta-data of ext3.
Regards,
Laurent
----------------------- Laurent Vivier ----------------------
"The best way to predict the future is to invent it."
- Alan Kay
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic