Arch Linux

tsv

Member

From: UK

Registered: 2008-12-03

Posts: 71

Website

Would I like to create a zero table?

Hey,

I am creating an encrypted HDD to install Arch 64 on, and I've just run dd to wipe and randomize the disk. Opening cfdisk to create the partitions (one boot, one for LVM), I am asked if I wish to create a zero table.

Not really sure what this is, and I assume I want to as saying no does nothing, but I wanted to find out what it actually meant? Almost sounded like it wanted to start zeroing out my random data, which would obviously be bad!

Cheers!

Garns

Member

Registered: 2008-05-28

Posts: 239

Re: Would I like to create a zero table?

Hey,

I am creating an encrypted HDD to install Arch 64 on, and I've just run dd to wipe and randomize the disk. Opening cfdisk to create the partitions (one boot, one for LVM), I am asked if I wish to create a zero table.

Not really sure what this is, and I assume I want to as saying no does nothing, but I wanted to find out what it actually meant?

I am pretty sure it means something similar to: "Your partition table looks like random garbage, do you want me to assume you don't have any partitions on here put that in the table and go on from there?"

Almost sounded like it wanted to start zeroing out my random data, which would obviously be bad!

1. Even if that was the case, please explain why this would be obviously bad?
2. It only talks about creating a zero table, not about zeroing the disk.

tsv

Member

From: UK

Registered: 2008-12-03

Posts: 71

Website

Re: Would I like to create a zero table?

Cheers, that sounds about right.

Aye, when I said that would be bad, I meant if it decided it wanted to zero the disk, not that there would be any reason for that.

Thanks!

Garns

Member

Registered: 2008-05-28

Posts: 239

Re: Would I like to create a zero table?

Aye, when I said that would be bad, I meant if it decided it wanted to zero the disk, not that there would be any reason for that.

Yeah sure, but why would it be bad if it decided to do so, apart from zeroing the randomized disc being pretty useless.

tsv

Member

From: UK

Registered: 2008-12-03

Posts: 71

Website

Re: Would I like to create a zero table?

Well, the point of generating the random data across the entire disk is so you can't tell where the encrypted data begins and ends. If there is a large chunk of zeroes on the disk, it implies that there's no data there to attempt to decrypt.

So, by zeroing the disk you are removing a layer of security, even if not an especially large one.

Garns

Member

Registered: 2008-05-28

Posts: 239

Re: Would I like to create a zero table?

Well, the point of generating the random data across the entire disk is so you can't tell where the encrypted data begins and ends. If there is a large chunk of zeroes on the disk, it implies that there's no data there to attempt to decrypt.

I am by no means an expert on crypto, but from what I have read the only definite advantage you get from this is that no one can easily see how full your disk is (respectively how full it was at some point in time). It also might make it more difficult to find out which encrytion is used and thus delay any attempt to break it. The way I see it, if you assume that your crypto will be broken, this doesn't help at all, as an attacker would just decrypt the whole partition.

Anyway, far be it from me to stop your healthy paranoia and having random data on the disk certainly doesn't hurt. Just keep in mind that things which seem obvious often are not when it comes to crypto.