GBDE
GBDE, standing for GEOM Based Disk Encryption, is a
Design decisions
Unlike most disk encryption software, GBDE does not attempt to defeat watermarking attacks through the use of disk encryption-specific modes of operation (see disk encryption theory), but instead generates a random key each time a sector is written.[4] Unlike some alternatives, such as CBC with sector-specific initialization vectors, this approach does not reveal any information to the attacker even if they have access to snapshots of the disk image from different points in time, since encryption keys are never re-used.
The one time sector key is encrypted using a pseudorandom key. This pseudorandom key is derived from the sector number and a static 2048-bit master key with 128 bits of salt. The pseudorandom number generator used for this purpose is called the Cherry Picker. This is not a well established PRNG, but rather one invented for GBDE. This generator may not meet the security levels of standard algorithms, and could be distinguishable from random numbers.[5]
Limitations
Due to this unique approach, GBDE only supports 128-bit
To address these shortcomings, a more typical disk encryption solution for FreeBSD, GELI, was written later by Pawel Jakub Dawidek.
See also
References
- ISBN 978-1-59327-221-0.
- ^ Malone, David (2005). "Security through obscurity: a review of a few of FreeBSD's lesser known security capabilities" (PDF). ;login:. 30 (5): 27–34.
- ^ "gbde(4) man page in FreeBSD 5.0". GBDE manual page. Retrieved 2007-01-01.
- ^ Poul-Henning Kamp. "GBDE - GEOM Based Disk Encryption" (PDF). GBDE Design Document. Retrieved 2007-01-01.
- ^ a b Roland C. Dowdeswell (2005-03-26). "Initial Analysis of GBDE" (PDF). Retrieved 2007-01-26.
- ISBN 978-3-319-99828-2.
- arXiv:1807.00309 [cs.CR].