Mr. Ruusu:

If IV was 512-byte based, how would this resolve the issue for CD-ROM users?

Very Respectfully,

Stuart Blake Tener, IT3, USNR-R, N3GWG
VTU 1904G (Volunteer Training Unit)
stuart@xxxxxxxxxxx
west coast: (310)-358-0202 P.O. Box 16043, Beverly Hills, CA 90209-2043
east coast: (215)-338-6005 P.O. Box 45859, Philadelphia, PA 19149-5859
Telecopier: (419)-715-6073 fax to email gateway via www.efax.com (it's free!)

JOIN THE US NAVY RESERVE, SERVE YOUR COUNTRY, AND BENEFIT FROM IT ALL.

Monday, July 09, 2001 5:05 PM

-----Original Message-----
From: owner-linux-crypto@xxxxxxxxxxxx [mailto:owner-linux-crypto@xxxxxxxxxxxx] On Behalf Of Jari Ruusu
Sent: Monday, July 09, 2001 2:02 PM
To: Herbert Valerio Riedel
Cc: Dale Amon; IT3 Stuart B. Tener, USNR-R; linux-crypto@xxxxxxxxxxxx
Subject: Re: Announce loop-AES-v1.3b file crypto package

Herbert Valerio Riedel wrote:
> On Mon, 9 Jul 2001, Jari Ruusu wrote:
> > patch-int-2.4.6.bz2 available from HVR's web site is still the same time
> > bomb waiting to explode as patch-int-2.4.3.1.bz2.
> >
> > Have you actually audited that code?
> >
> > I have audited some of it. Conclusion: BROKEN
>
> ...do you mind sharing your thoughts with us? :-)
> but please, don't tell me again, to give up on the crypto API... ;-)
>
> since I'm quite determined to fix all problems, it would be useful to
> have a definite list of them...
>
> btw, the non-reentrant part has been almost fixed... but it's not
> released yet.
>
> if you are referring to the IV overflow, that's going to be addressed as
> well rsn...
>
> as to the patch-int vs cryptoapi, the patch-int-2.4.6.bz2 is actually nothing
> more than a patch-int-2.4.3.1 applied against a 2.4.6...
>
> so they are both the same...

Just like I said, same time bomb.

Known problems, at this time:

1) IV has to be 512 byte based, each 512 byte chunk must be independent
2) non-re-entrant ciphers
3) Follow this thread, there is a patch:
   http://marc.theaimsgroup.com/?l=linux-kernel&m=99314207620322&w=2

All of the above problems are fixed in loop-AES.

Regards,
Jari Ruusu <jari.ruusu@xxxxxxxxxx>

Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/