I don't think that the most recent version of cryptoapi (2.4.7.0) has this particular problem. I've used it to make quite a few encrypted ISO images with out any trouble. Jari Ruusu [20/02/02 19:38 +0200]: > Erik Kunze wrote: > > I'd like to crypt CDROMs, but can't get it working with ISO9660. Any other > > filesystem does work! > [snip] > > So what's wrong with ISO9660 on crypted files? Is this a fault of mkisofs, > > cryptoapi or the filesystem driver? > > This is result of block-size-IV-syndrome, also called "time bomb" IV, where > IV computation depends on block size of underlying device. All international > crypto patches have that bug, and all cryptoapi versions that don't do 512 > byte IV are also broken. Anyone using such broken stuff voluntarily is just > being crazy. This has been discussed on this list, just search the archives > for more info. I wish that people responsible for such fuck-up would have > the balls to admit it and at least warn people to not use such broken > versions. > > All non-international-crypto-patch and non-cryptoapi versions of loop > encryption that I am aware of (ppdd, SuSE kernel twofish, Ingo Rohloff's > loop crypto, loop-AES, Mandrake kernel AES) do IV computation correctly > using 512 byte units. > > Regards, > Jari Ruusu <jari.ruusu@pp.inet.fi> > - > Linux-crypto: cryptography in and on the Linux system > Archive: http://mail.nl.linux.org/linux-crypto/ > -- Chris Schadl cschadl@satan.org.uk - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
