Why would you go out of your way to generate and save a SHA256 hash digest for every photo, and then test all of them against an encrypted ZFS dataset, and you’re not even sure this method was used, and if this method was used, they might have used an MP3 song instead of a photo…
You don’t even know if there’s a puzzle to solve.
EDIT: I’ll even make this easy for you.
One of my encrypted containers (not ZFS, but LUKS), is using a hash from an image that can be retrieved with a simple Google search. I’m not joking. There’s an image out there that I can find using Google. When I download the image and run a hash algorithm against it, I can use that to unlock my LUKS container.
How do you know that the image arrived bit-perfect — that it wasn’t transcoded or downsampled, and no metadata was anonymized or otherwise updated? If not in transit, then by the recipient’s arbitrary photo management system?
And now you are hiding the details. Good job! But you should have done that from the beginning.
No. And I am again saying to everyone reading this topic:
If you ever commit such kinds of security strategies, you should NEVER talk about it publicly! You should not even talk about it privately unless you are ready to hand off your keys to the person you talk to.
Well, then edit your original post. Advise people to always say at the end that they may lie about using their images as keys. TBH, it looks like a cheap excuse, which could be refuted by hashing your entire photo library.
You potentially would ask these very questions to the enforcers. Who would have your entire truenas forums correspondence. And in some cases your entire search history (which can statistically reveal some “unusual” tendency for some public pictures).
You can start any time you wish. I won’t stop you.
Meanwhile, someone with a hammer has a better chance at forcing me to decrypt my files.
Update this thread when you’re done hashing all my photos (and music too?), and let us know the results of decrypting my encrypted files, which might not even exist.
I think that “my data is secure from whoever has physical access to my device (and knows that I am winnielinnie)” is a bit different from “my data is secure from the random guy on the truenas forum”.
Of course. But in your case they probably don’t even have to buy a hammer. Unless they want to…
From some POV, it can be considered as a plus. OTOH, being aware that your data was compromised (because you were forced to decrypt it) can be preferable to not knowing it was compromised at all.
I have to wonder if someone will save their photo to google photos or something and it compresses it, or doesn’t hold the original somehow then whoops.
They don’t even have it saved in a key manager or wallet.
Now what?
The only difference is that with this method, they can regenerate their key with an important file (photo, song, video, document, whatever) that is only known to them.
That’s why there are no true cons to this approach.
I’m not trying to be rude, but I think sometimes we miss the entire point of something when we overthink things.
In other words, no different than if they had generated a random keystring without using a photo. [1][2][3]
You’re more likely to lock yourself out of your own data, rather than some random person solving a ridiculous puzzle to retrieve your encryption keys. The extra safeguards to prevent yourself from permanently losing access to your data are worth it in my opinion.
Now you’re going to see those viral FB posts where everyone fills in the blanks with their favorite foods, favorite childhood memories, what town did you grow up in, what is your eyecolor, etc., there will be an additional step for “Upload your favorite family photo, be sure to use the original file and do not modify it!”
In practice I would be concerned that unintentional metadata changes over time would change the sha. I guess I would have to backup the the original photo.
Then you’re back to normal, which you’ve been doing anyways.
This is no different than someone losing their exported keys.
Nothing should be changing any photo’s data or metadata over time, unless you do so explicitly. If a library software is changing the original file without your knowledge or permission, then you should be using different software. Under no circumstance should anyone be okay with software overwriting original photos and videos without explicit instruction or intervention from the user.
As NAS users, we take archiving originals seriously.
Using this trick at least gives you another chance, without any negatives or added costs. Your photo, song, video, ebook, or Word doc could be in a cloud drive or naturally living on someone’s laptop. At least you have one more chance.
Nothing else changes in regards to the strength of the key or managing encrypted datasets. The only difference is that the “random” keystring isn’t really random. It has meaning, known only to you. You don’t need to encrypt or hide the files, as you would a passphrase or key. This allows you to keep your “secret” out in the open so that you won’t “lock yourself out”.
For those who would rather use a “passphrase” instead of a “key”, you can change the dataset’s encryption property from “Key” to “Passphrase” and paste the same hash. This time the string will be treated as a passphrase instead of a key, and will need to be manually unlocked after each reboot.
