[RFC] mtd: ubi: UBI Encryption
Timo Ketola
Timo.Ketola at exertus.fi
Mon Aug 10 22:38:20 PDT 2015
Hi,
I have been lurking in this list for a long time and this is my first
post here. I decided to write because I think I have yet another idea
for this one:
On 10.08.2015 22:56, Andrew Murray wrote:
> ...
> - My work around for this erased flash issue was to conditionally
> encrypt/decrypt only when the input data is not 'all bits set'. This had
> minimal impact on UBI/UBIFS/etc but it is possible (though very unlikely)
> that the output of an encryption algorithm is 'all bits set' - Thus when you
> later attempt to decrypt the 'all bits set' cipher text we incorrectly treat
> it as erased flash so return it verbatim and thus cause corruption. I've not
> seen this issue occur despite reading and writing more than 50GB of data.
> ...
Why not postprocess the data so that the encrypted FF becomes FF again
like this:
Lets say clear text data is I, encrypted data is O, encryption function
is e() and decryption function is d(). Then, what is normally done, is
of course:
Write: O = e(I)
Read: I = d(O)
Calculate F = ~e(FF), where F is encrypted and inverted version of 'all
bits set' (FF) data, and modify writing and reading:
Write: O = e(I) ^ F
Read: I = d(O ^ F)
Now encrypting FF input results in FF output and vice versa.
Just wanted to introduce an idea.
--
Timo
More information about the linux-mtd
mailing list