[Discuss] NAS: encryption

[markw at mohawksoft.com (markw at mohawksoft.com)]

>> From: John Abreau [mailto:abreauj at gmail.com]
>>
>> "Edward Ned Harvey (blu)" <blu at nedharvey.com> writes:
>>
>> > You seem to think there's an obstacle which isn't really real -
>> > Encryption is very cheap computationally, so cheap indeed it can be
>> > done by the disks themselves.
>>
>>
>> ??On Tue, Jul 7, 2015 at 1:14 PM, Derek Atkins <warlord at mit.edu> wrote:
>> I don't trust my disks to do the encryption, mostly because there's
>> really no way to verify that it's doing it correctly, and the key
>> management gets a lot harder.
>>
>> The way I read it, the message wasn't that you should trust the disk to
>> do the
>> encryption; it's that encryption has very low overhead today, and the
>> reference to disk-based encryption was merely to illustrate that point.
>
> It seems silly not to trust the disk to do encryption, when you'd trust
> some software that you equally haven't decompiled and inspected.
>

The difference is that with "open source" software, specifically the
crypto library in openssl, because that's how people get FIPS certified,
many people do audit the code. Maybe not you, but many, and the fact that
we have so many CVE notices means that people are.

Did *you* verify the crypto had no holes? That the random number generator
had enough entropy? That the proper key length was used, and so on. No,
you didn't, but many people have, and most importantly, have the ability
to inspect this.

The problem with internal drive encryption is getting any level of
disclosure and accountability.