Erik Kunze wrote: > I'd like to crypt CDROMs, but can't get it working with ISO9660. Any other > filesystem does work! [snip] > So what's wrong with ISO9660 on crypted files? Is this a fault of mkisofs, > cryptoapi or the filesystem driver? This is result of block-size-IV-syndrome, also called "time bomb" IV, where IV computation depends on block size of underlying device. All international crypto patches have that bug, and all cryptoapi versions that don't do 512 byte IV are also broken. Anyone using such broken stuff voluntarily is just being crazy. This has been discussed on this list, just search the archives for more info. I wish that people responsible for such fuck-up would have the balls to admit it and at least warn people to not use such broken versions. All non-international-crypto-patch and non-cryptoapi versions of loop encryption that I am aware of (ppdd, SuSE kernel twofish, Ingo Rohloff's loop crypto, loop-AES, Mandrake kernel AES) do IV computation correctly using 512 byte units. Regards, Jari Ruusu <jari.ruusu@pp.inet.fi> - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
