Re: [Qemu-devel] QCOW2 cryptography and secure key handling

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] QCOW2 cryptography and secure key handling

From:	Benoît Canet
Subject:	Re: [Qemu-devel] QCOW2 cryptography and secure key handling
Date:	Wed, 31 Jul 2013 17:27:14 +0200
User-agent:	Mutt/1.5.21 (2010-09-15)

> For example, current qcow2 encryption is vulnerable to a watermarking
> attack.
> http://en.wikipedia.org/wiki/Disk_encryption_theory#Cipher-block_chaining_.28CBC.29

void qcow2_encrypt_sectors(BDRVQcowState *s, int64_t sector_num,
                           uint8_t *out_buf, const uint8_t *in_buf,
                           int nb_sectors, int enc,
                           const AES_KEY *key)
{
    union {
        uint64_t ll[2];
        uint8_t b[16];
    } ivec;
    int i;

    for(i = 0; i < nb_sectors; i++) {
        ivec.ll[0] = cpu_to_le64(sector_num);
        ivec.ll[1] = 0;
        AES_cbc_encrypt(in_buf, out_buf, 512, key,
                        ivec.b, enc);
        sector_num++;
        in_buf += 512;
        out_buf += 512;
    }
}

CBC mode would imply that each sector would be crypted by combining the
plaintext with the previous sector.
It's does not look to be the case as the IV is reset to sector_num for each
sector.
It look like CTR mode.

Best regards

Benoît

>
> dm-crypt or other disk encryption programs use more complicated schemes,
> do we need to go there?
>
> Paolo

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Qemu-devel] QCOW2 cryptography and secure key handling, (continued)

Prev by Date: Re: [Qemu-devel] [PATCH 2/2] LICENSE: clarify
Next by Date: Re: [Qemu-devel] [PATCH 2/2] LICENSE: clarify
Previous by thread: Re: [Qemu-devel] QCOW2 cryptography and secure key handling
Next by thread: Re: [Qemu-devel] QCOW2 cryptography and secure key handling
Index(es):
- Date
- Thread