Tag Management Problem in Authenticated Disk Encryption

NB_1907

7/18/24, 12:46 PM

1) For authenticated disk encryption, there are extra data such as IV or tag that need to be stored for all the alternative mods that are placed in Table 1. For these data, it will be necessary to use a sector other than the sector where the encrypted data is located. Consumed space by extra storage of tags or iv is relatively small problem. The main problem here is that you have to process at least two sectors to write or read data in a sector and this directly cuts performance in half or less. What would you recommend for the management of these tag and IV sectors?

For example, consider the structure of "| Data-1 || tag-1 || Data-2 || tag-2 ||…|| Data-n || tag-n |" where "|...|" represents a disk sector. When it is kept in the form, the storage area is directly halved but tag management is easy. On the other hand, if we use | Data-1 || Data-2 || Data-3 ||…. ||Data-n || tag-1, tag-2, tag-3… tag-n | form, the storage space required for tags is less in percentage while tag management is more complex. For instance, if we want to delete the data in the sector of "|Data-2|", it is sufficient to directly deleting two sectors in the first option -"|Data-2| and | tag-2 |"- In the second option it will be necessary to delete "|Data-2|" and update the tag sector. Could you explicate these -or related- methods from the aspect of OS? Which one would you prefer in what situation? Do you have any additional recommendations?

2) The problem has mentioned in the previous part also has another side: Let's encrypt the data and write the authentication tag to the other sector. If we want to read it later, how do we know that the data and tag have not been altered? We are faced with a requirement such as integrity of integrity. Alternative solutions were presented for this problem under the cathegory of incremental authentication schemes in this thesis that I read. How applicable are these solutions? When a sector is updated, it will be necessary to update more sectors than the previous cases. So, performance will suffer more severely than alternatives in the first part. By considering this security-performance trade-off, does it make sense to concern about "integrity of integrity" and apply these methods?

0 + 3

authenticated-encryption

poncho

7/18/24, 3:36 PM

Are we targeting actual disk drives (with platters), flash drives or both? Here's why the distinction may be important: with an actual disk, reading/writing consecutive sectors is cheap (most of the time is spent moving the drive heads and waiting for the disk to rotate into the correct position). On the other hand, flash drives are random access; the time taken to read/write is directly proportional to the number of sectors accessed. For a disk drive, it would make sense to arrange all the data to be on consecutive sectors (even if that increases the number of sectors accessed)

poncho

7/18/24, 3:41 PM

For a flash drive, it might make sense to have the auxiliary (IV/nonce/tag) information for a number of sectors in a single dedicated sector (which the driver would cache); that sector need not be anywhere close to where the data sectors are (because flash drives don't care about 'close')

Maarten Bodewes

7/19/24, 11:27 AM

You need some way of making the sector updates *atomic* it seems. That may make more sense at a file system level, although even there it raises the question when an update should be made (file handles may be left open for quite a while). In that sense maybe lower level sector writes may be the best time (as the in memory cache can take care of the rest).

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Tag Management Problem in Authenticated Disk Encryption

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.