[Discuss] NAS: encryption

[blu at nedharvey.com (Edward Ned Harvey (blu))]

> From: John Abreau [mailto:abreauj at gmail.com]
> 
> "Edward Ned Harvey (blu)" <blu at nedharvey.com> writes:
> 
> > You seem to think there's an obstacle which isn't really real -
> > Encryption is very cheap computationally, so cheap indeed it can be
> > done by the disks themselves.
> 
> 
> ?On Tue, Jul 7, 2015 at 1:14 PM, Derek Atkins <warlord at mit.edu> wrote:
> I don't trust my disks to do the encryption, mostly because there's
> really no way to verify that it's doing it correctly, and the key
> management gets a lot harder.
> 
> The way I read it, the message wasn't that you should trust the disk to do the
> encryption; it's that encryption has very low overhead today, and the
> reference to disk-based encryption was merely to illustrate that point.

It seems silly not to trust the disk to do encryption, when you'd trust some software that you equally haven't decompiled and inspected.

I am saying both: Encryption has very low overhead today, and yes it's ok to do it in the disk hardware. Nowadays, you can download a dozen different AES libraries in any language - including javascript. Not that javascript is relevant in context, just to point out, AES is SOOOOOO ubiquitous that it's literally everywhere and in everything. The idea that the disk is going to have a broken implementation of AES is beyond far-fetched, into unbelievable land. And like I said - it isn't any less likely to be the case in the overriding software. Which I guarantee also has a working implementation of AES.

The only thing you need to *actually* be concerned about is where do the keys come from, how do they get managed, and do they cause inconvenience. And I guess it wouldn't hurt to actually plug one of the disks into another system and confirm that encryption is *turned on*. But as long as it's turned on, and the keys are good and managed, yes I trust disk hardware to do the encryption just as much as I trust the application software.