Re: [Qemu-devel] [PATCH] Describe flaws in qcow/qcow2 encryption in the

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH] Describe flaws in qcow/qcow2 encryption in the

From:	Peter Maydell
Subject:	Re: [Qemu-devel] [PATCH] Describe flaws in qcow/qcow2 encryption in the docs
Date:	Wed, 22 Jan 2014 11:49:21 +0000

On 22 January 2014 11:36, Daniel P. Berrange <address@hidden> wrote:
> Recommend against any use of QCow/QCow2 encryption, directing
> users to dm-crypt / LUKS which can meet modern cryptography
> best practices.

Couple of minor typo nits I spotted:

> diff --git a/qemu-doc.texi b/qemu-doc.texi
> index 4e9c6e9..c9da6ad 100644
> --- a/qemu-doc.texi
> +++ b/qemu-doc.texi
> @@ -547,10 +547,27 @@ File name of a base image (see @option{create} 
> subcommand)
>  @item backing_fmt
>  Image format of the base image
>  @item encryption
> -If this option is set to @code{on}, the image is encrypted.
> +If this option is set to @code{on}, the image is encrypted with 128-bit 
> AES-CBC.
> +
> +The use of encryption in QCow and QCow2 images is considered to flawed by 
> modern

"to be"

> +cryptography standards, suffering from a number of design problems

Missing ".".

> +
> address@hidden @minus
> address@hidden The AES-CBC cipher is used with predictable initialization 
> vectors based
> +on the sector number. This makes it vulnerable to chosen plaintext attacks
> +which can reveal the existence of encrypted data.
> address@hidden The user passphrase is directly used as the encryption key. A 
> poorly
> +choosen / short passphrase will compromise the security of the encryption.

"chosen or short".

> +In the event of the passphrase being compromised there is no way to change
> +the passphrase to protect data in any QCow images. The files must be cloned,
> +using a different encryption passphrase in the new file. The original file
> +must then be securely erased using a program like shred, though even this
> +is ineffective with many modern storage technologies.
> address@hidden itemize
>
> -Encryption uses the AES format which is very secure (128 bit keys). Use
> -a long password (16 characters) to get maximum protection.
> +Use of QCow / QCow2 encryption is thus strongly discouraged. Users are
> +recommended to use an alternative encryption technology such as the
> +Linux dm-crypt / LUKS system.

(same typos also in the texi version).

thanks
-- PMM

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PATCH] Describe flaws in qcow/qcow2 encryption in the docs, Daniel P. Berrange, 2014/01/22
- Re: [Qemu-devel] [PATCH] Describe flaws in qcow/qcow2 encryption in the docs, Eric Blake, 2014/01/22
- Re: [Qemu-devel] [PATCH] Describe flaws in qcow/qcow2 encryption in the docs, Peter Maydell <=
  - Re: [Qemu-devel] [PATCH] Describe flaws in qcow/qcow2 encryption in the docs, Daniel P. Berrange, 2014/01/22

Prev by Date: Re: [Qemu-devel] [v19 22/25] vhdx.c: replace QEMUOptionParameter with QemuOpts
Next by Date: Re: [Qemu-devel] [Xen-devel] Project idea: make QEMU more flexible
Previous by thread: Re: [Qemu-devel] [PATCH] Describe flaws in qcow/qcow2 encryption in the docs
Next by thread: Re: [Qemu-devel] [PATCH] Describe flaws in qcow/qcow2 encryption in the docs
Index(es):
- Date
- Thread