EXT4 encryption design document

A quanto pare, il supporto alla crittografia sta approdando nativamente su Ext4: al link possiamo trovare il documento preliminare che si occupa di descrivere le specifiche tecniche.

EXT4 encryption is not currently resilient in the face of an adversary who is able to manipulate the offline block device content prior to the authorized user later performing EXT4 file system I/O on said content. In that scenario the user can have no expectations regarding either data integrity or confidentiality.

We are not currently planning on attempting any mitigations against timing attacks. We recognize that these are important to address, but mitigations will require substantial work in the Linux kernel Crypto API. Addressing timing attacks against users of the Crypto API is out of scope for this effort