What about sparse files?

Asked by Dustin Kirkland  on 2008-09-25

eCryptfs does not currently support sparse files. Sequences of encrypted extents with all 0's could be interpreted as sparse regions in eCryptfs without too much implementation complexity. However, this would open up a possible attack vector, since the fact that certain segments of data are all 0's could betray strategic information that the user does not necessarily want to reveal to an attacker. For instance, if the attacker knows that a certain database file with patient medical data keeps information about viral infections in one region of the file and information about diabetes in another section of the file, then the very fact that the segment for viral infection data is populated with data at all would reveal that the patient has a viral infection.

Question information

Language:
English Edit question
Status:
Solved
For:
eCryptfs Edit question
Assignee:
No assignee Edit question
Solved by:
Dustin Kirkland 
Solved:
2008-09-25
Last query:
2008-09-25
Last reply:
Dustin Kirkland  (kirkland) said : #1

Answered by the FAQ.