On Wed, Nov 29, 2000 at 03:10:29PM -0800, Mike Touloumtzis wrote: > On Wed, Nov 29, 2000 at 10:21:04PM +0000, Marc Mutz wrote: > > > > Therefore, the linux loop_gen driver uses CBC encryption (Cipher Block > > Chaining): > > Delurking for a moment: > > This is something I've been meaning to ask about for > a while. Obviously ECB is more random-access friendly. > How long are the CBC chains used by loopback encryption? > Does one chain span the whole device? Are they limited > in length to make random access and updates easier? > Or is there a third approach which I'm not clued into? > The size of a chain is linked to the blocksize of the underlying device, or the underlying file. The loopback device is a block device, so it is only random access on a block-granularity. The IV for a given block is based on the offset of that block relative to the start of the physical device. The IV can also be based on the offset of the block relative to the start of the file, which is recommended since it makes it possible to move/take backup of an encrypted file. astor -- Alexander Kjeldaas Mail: astor@xxxxxxx finger astor@xxxxxxxxxxxxxxxxx for OpenPGP key. Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
