similar to: Truncating SHA2 hashes vs shortening a MAC for ZFS Crypto

----- Forwarded message from Zooko O''Whielacronx <zooko at zooko.com> ----- From: Zooko O''Whielacronx <zooko at zooko.com> Date: Sat, 21 May 2011 12:50:19 -0600 To: Crypto discussion list <cryptography at randombit.net> Subject: Re: [cryptography] rolling hashes, EDC/ECC vs MAC/MIC, etc. Reply-To: Crypto discussion list <cryptography at randombit.net>

On Tue, Feb 28, 2023 at 12:24:04PM +0100, Laszlo Ersek wrote: > On 2/27/23 17:44, Richard W.M. Jones wrote: > > On Mon, Feb 27, 2023 at 08:42:23AM -0600, Eric Blake wrote: > >> Or intentionally choose a hash that can be computed out-of-order, such > >> as a Merkle Tree. But we'd need a standard setup for all parties to > >> agree on how the hash is to be

I just want to encrypt a string submitted through a form before saving it to the DB. And then decrypt it again when I need to retrieve and use it. Im trying to use the OpenSSL::Cipher library. I have the following module for encryption/decryption [code] require ''openssl'' module AESCrypt # Decrypts a block of data (encrypted_data) given an encryption key # and an

Anthony Scarpino wrote (elsewhere): > While writing up the man page.. I thought of a few things that I was > wondering if you considered.. > > Can an encrypted dataset (keytype=dataset) reside in a non-encrypted (no > kek defined) pool? I can see a case for and against allowing this when considering it purely at the feature level as users/admins see things. The admin can

Anthony Scarpino wrote (elsewhere): > While writing up the man page.. I thought of a few things that I was > wondering if you considered.. > > Can an encrypted dataset (keytype=dataset) reside in a non-encrypted (no > kek defined) pool? I can see a case for and against allowing this when considering it purely at the feature level as users/admins see things. The admin can

I''ve noticed that the dsl_dataset_t that points to a given dataset changes during the life time of a ''zfs create'' command. We start out with one dsl_dataset_t* during dmu_objset_create_sync() but by the time we are later mounting the dataset we have a different in memory dsl_dataset_t* referring to the same dataset. This causes me a big issue with per dataset

Hi, my system (solaris b77) was physically destroyed and i loosed data saved in a zpool mirror. The only thing left is a dettached vdev from the pool. I''m aware that uberblock is gone and that i can''t import the pool. But i still hope their is a way or a tool (like tct http://www.porcupine.org/forensics/) i can go too recover at least partially some data) thanks in advance for

Hi, I was discussing the common practice of disk eradication used by many firms for security. I was thinking this may be a useful feature of ZFS to have an option to eradicate data as its removed, meaning after the last reference/snapshot is done and a block is freed, then write the eradication patterns back to the removed blocks. By any chance, has this been discussed or considered before?

I was asked by a coworker about recovering destroyed datasets on ZFS - and whether it is possible at all? As a related question, if a filesystem dataset was recursively destroyed along with all its snapshots, is there some means to at least find some pointers whether it existed at all? I remember "zpool import -D" can be used to import whole destroyed pools. But crawling around the

Hello list, someone (actually neil perrin (CC)) mentioned in this thread: http://mail.opensolaris.org/pipermail/zfs-discuss/2009-December/034340.html that is should be possible to import a pool with failed log devices (with or without data loss ?). >/ />/ Has the following error no consequences? />/ />/ Bug ID 6538021 />/ Synopsis Need a way to force pool startup when

Deduplication was committed last night by Mr. Bonwick: > Log message: > PSARC 2009/571 ZFS Deduplication Properties > 6677093 zfs should have dedup capability http://mail.opensolaris.org/pipermail/onnv-notify/2009-November/010683.html Via c0t0d0s0.org.

Greetings; I've been reading the OpenSSH source code and have a question about the des_ssh1_setiv function in cipher.c. (cut-n-pasted here from cipher.c v1.47) : static void des_ssh1_setiv(CipherContext *cc, const u_char *iv, u_int ivlen) { memset(cc->u.des.iv, 0, sizeof(cc->u.des.iv)); } This doesn't use the *iv parameter. Compare with: static void

Hello list, I''m having trouble with a server holding a lot of data. After a few months of uptime, it is currently rebooting from a lockup (reason unknown so far) but it is taking hours to boot up again. The boot process is stuck at the stage where it says: mounting zfs filesystems (1/5) the machine responds to pings and keystrokes. I can see disk activity; the disk leds blink one after

Hi all, I have a 5 drive RAIDZ volume with data that I''d like to recover. The long story runs roughly: 1) The volume was running fine under FreeBSD on motherboard SATA controllers. 2) Two drives were moved to a HP P411 SAS/SATA controller 3) I *think* the HP controllers wrote some volume information to the end of each disk (hence no more ZFS labels 2,3) 4) In its "auto

I have three zpools on a server and want to add a mirrored pair of ssd''s for the ZIL. Can the same pair of SSDs be used for the ZIL of all three zpools or is it one ZIL SLOG device per zpool? -- This message posted from opensolaris.org

Hello all, I have an oi_148a PC with a single root disk, and since recently it fails to boot - hangs after the copyright message whenever I use any of my GRUB menu options. Booting with an oi_148a LiveUSB I had around since installation, I ran some zdb traversals over the rpool and zpool import attempts. The imports fail by running the kernel out of RAM (as recently discussed in the list with

Doing some janitorial (you cleaning the flooded toilets and such) work today. I have come across this line of code that really I''m not sure what the intent was..in xen/include/sched.h #define hypercall_preempt_check() (unlikely( \ softirq_pending(smp_processor_id()) | \ (!!current->vcpu_info->evtchn_upcall_pending & \

I see. From reading that wikipedia article, I'm wondering what gets compressed when compression is enabled in openssh. Is it the ciphertext or the cleartext? Regards, Mark On Fri, 2013-10-25 at 15:47 -0400, Daniel Kahn Gillmor wrote: > On 10/25/2013 03:23 PM, Mark E. Lee wrote: > > Thanks for the response, what kind of problematic interactions would > > occur (other than

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I would like to know the blocksize of a particular file. I know the blocksize for a particular file is decided at creation time, in fuction of the write size done and the recordsize property of the dataset. How can I access that information?. Some zdb magic?. - -- Jesus Cea Avion _/_/ _/_/_/ _/_/_/ jcea at

R users- In moving from R 2.0.0 to R 2.1.0 in Windows, I have encountered a problem with the "riwish" command in the package "MCMCpack". I've searched the documentation and can't seem to figure it out. For example: Define a matrix: > lam <- matrix(c(.00233,-.00057,-.00057,.00190),2,2) and then use the riwish command to generate a random inverse-Wishart