
Re: Subject: OT: LUKS encryption -- block by block, file by file, or "one big lump"



rhkramer@gmail.com (12023-03-08):
> The question:  Suppose disk corruption corrupts one block in the data storage 
> area of a LUKS partition / filesystem (I'm not asking about corruption in the 
> headers or some other area of "metadata").  In the case of one block of 
> corruption in the data storage area:
> 
>    * can files in the LUKS partition other than the one with the one block 
> corrupted be read correctly?
> 
>    * assuming the file with the corrupted block is bigger than one block, can 
> the other parts of the file (not including the corrupted block) be read 
> correctly?

Of course not. Anything that would require LUKS to read several
encrypted blocks for each cleartext block read from it or the same
s/read/write/ would ruin performance in a way that nobody would
accept.

Therefore, each block on the LUKS cleartext side must map to one block
on the encrypted side and must be encrypted in a completely
self-contained way, entirely independent of the contents of other
blocks.

Ensuring the integrity of the data is not part of the attributions of
LUKS either. It could, but then again it would cost performance. And
space, at least 1/1000, probably more around 1/256 or 1/128.

Regards,

-- 
  Nicolas George
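
An added illustration of the reply above (not part of the original message, and not LUKS code): a toy length-preserving sector cipher, built from an HMAC-SHA256 Feistel network as a stand-in for the real cipher, showing that a bit flipped in one ciphertext sector damages only that sector on decryption and that no error is reported. The names `crypt_sector`, `crypt_device` and `damaged_sectors`, the key and the 8-sector image are constructed for the example.

```python
import hashlib
import hmac

SECTOR = 512  # bytes per sector (assumed value for this toy device)

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key, sector_no, rnd, half):
    # Round function: HMAC-SHA256 stretched to len(half), bound to the sector number.
    prefix = sector_no.to_bytes(8, "little") + bytes([rnd])
    blocks = (len(half) + 31) // 32
    stream = b"".join(hmac.new(key, prefix + bytes([i]) + half, hashlib.sha256).digest()
                      for i in range(blocks))
    return stream[:len(half)]

def crypt_sector(key, sector_no, data, decrypt=False):
    # 4-round Feistel network over one whole sector; no other sector is an input.
    left, right = data[:SECTOR // 2], data[SECTOR // 2:]
    if decrypt:
        for rnd in reversed(range(4)):
            left, right = _xor(right, _f(key, sector_no, rnd, left)), left
    else:
        for rnd in range(4):
            left, right = right, _xor(left, _f(key, sector_no, rnd, right))
    return left + right

def crypt_device(key, image, decrypt=False):
    # Sector i of the output depends only on sector i of the input (same size in and out).
    if len(image) % SECTOR:
        raise ValueError("image must be a whole number of sectors")
    return b"".join(crypt_sector(key, i, image[o:o + SECTOR], decrypt)
                    for i, o in enumerate(range(0, len(image), SECTOR)))

def damaged_sectors(key, plain, bad_sector):
    # Flip one bit in one ciphertext sector, decrypt everything, list what changed.
    cipher = bytearray(crypt_device(key, plain))
    cipher[bad_sector * SECTOR + 7] ^= 0x01
    recovered = crypt_device(key, bytes(cipher), decrypt=True)
    return [i for i in range(len(plain) // SECTOR)
            if recovered[i * SECTOR:(i + 1) * SECTOR] != plain[i * SECTOR:(i + 1) * SECTOR]]

# Constructed sample: 8 sectors standing in for the data area of a mapped device.
KEY = hashlib.sha256(b"constructed demo key").digest()
PLAIN = b"".join(bytes([i]) * SECTOR for i in range(8))

if __name__ == "__main__":
    print(damaged_sectors(KEY, PLAIN, 3))
```

Because the ciphertext is exactly as long as the cleartext, there is no room for a per-sector integrity tag, so the damaged sector decrypts to garbage silently rather than failing.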
