Hello out there, everybody!
I was actually expecting to find several (hundred) threads with this
subject being discussed. To my surprise I didn't find a single one
either on these mailing lists or in the newsgroups - at least not in a
language I understand. :-)
I realize that gbde and geli are not designed to be better than the
other but that both fit different needs and different tastes. Although I
I am studying computer science myself, I haven't really gotten to this
kind of stuff yet, so simply listing the differences doesn't help too
much.
For a friend of mine I am thinking up a fileserver for his own little
company that contains *very* sensitive information (mainly stuff that is
still in developement or on the way of a patent or something like that).
Attempts have been made to get at this data the "hard way". The only
thing that hasn't happened so far is someone coming into the office with
a gun and saying "Stick 'em up!". :-)
The main idea is to make the information absolutely useless if the
computer itself is somehow stolen. For this reason I have thought up a
few criteria (in no particular order):
1.
The file system (or rather the encryption) itself must be as secure as
possible. gbde uses 128bit AES with a different key for every sector,
geli uses up to 256bit AES with the same key all the time. geli also
supports blowfish. Which one of these approaches is more secure? geli is
newer but that doesn't say much for itself.
2.
Since swap and temp space can also contain sensitive information it
seems reasonalbe to encrypt these. geli seems to do fine on this task,
while I have read of problems doing this with gbde. Is this still true?
3.
geli supports crypto(9) which is great. However, I did read that PHK had
a version of gbde that also supported crypto(9) but didn't finish it
because the performance didn't improve all that much. This message is
now about 6 months old. Has any work been done on this since then? All
this is mind, performance is not really of prime importance though.
4.
In one of the presentations on gbde, PHK spoke about gbde being able to
install a new pass-phrase without having to re-encode all the
information on the drives[1]. Is this also true for geli?
5.
The ideal protection would be to keep the server running[2] and have it
connected to the alarm system, so when the alarm is tripped, the server
destroys its master-keys and renders the information useless. In case
this happens by mistake (false alarm) or the burglar leaves the computer
alone for some reason, restoring this information would be very useful.
I know this can be done with geli. Does gbde support something like
this? A further issue here is the destruction of the keys. AFAIK gbde
wants the pass-phrase for this. This poses a problem since the alarm
system doesn't have the pass-phrase and noone should be dumb enough to
keep the pass-phrase on the server itself so this can work. But even if
done manually, entering the pass-phrase could be a problem since a good
pass-phrase thends to be long and consists of two parts. Basicly
speaking, there probably won't be enough time to stick in the USB-stick
(something you have) and add the memorized part (something you know) if
you have to nuke your files in a hurry. Is there a way around this with
gbde?
After considering this, am I better off with gbde or geli? Have I missed
anything in my little list?
Thanks and regards!
Chris
[1] A useful feature if the USB-Stick containing part of the pass-phrase
were solen.
[2] Which happens all the time anyway since often long calculations run
overnight.