mrb's blog

ZFS encryption, shipping in Solaris 11 Express

Keywords: cryptography zfs

Darren Moffat, one of the lead engineers working on the ZFS filesystem at Oracle, just announced that ZFS encryption has shipped, today, in Solaris 11 Express. This is amazing news. I have been waiting for years for this feature to be available in a production Solaris release. He made 3 posts about it:

  1. Introducing ZFS Crypto in Oracle Solaris 11 Express
  2. Assured delete with ZFS dataset encryption
  3. Having my secured cake and Cloning it too (aka Encryption + Dedup with ZFS)

Probably the most beautiful feature is the last tidbit: ZFS encryption fully leverages ZFS deduplication. A naive design would have prevented deduplication on encrypted datasets from being useful, because in practice a ciphertext block is unique, hence cannot be deduplicated. But Darren contributed a concept called "clone families" that allows the dedup step to happen before encryption. (Now, there are I presume rare situations where one may not want end-users to be able to determine which plaintext blocks exist in the pool by watching for deduplicated blocks, and these situations can be avoided by passing the -K option to zfs key or zfs clone, so the decision of whether to allow or disallow deduplication on encrypted filesystems remains in the hands of the ZFS administrator).

Another great feature is the fact that ZFS encryption automatically uses the hardware-accelerated AES implementation on SPARC T series processors, and the AES-NI instruction set on Intel Nehalem processors. (On a side note, I once met Dan Anderson who was working on adding AES-NI support to Solaris. He is a sharp and passionate guy.)

All in all, thumbs up for ZFS crypto! Use it to provide some amount of data privacy to a server in a remote colo in case the server is shut down and stolen. Or use it in combination with "zfs send | zfs recv" for data replication/backup to off-site encrypted disks. Or even use it on a laptop for data privacy while benefiting from all the other ZFS features: end-to-end checksumming, self-healing, snapshots, clones, compression, deduplication, redundant blocks (zfs set copies=N), etc. People forget that ZFS is useful even on single-drive machines!