On 14/01/2004, Jari Ruusu wrote (regarding media errors and loopaes): > One bit ciphertext error causes the 16 byte block in which the error is to > be completely destroyed, plus one bit error in the next 16 byte block. The > one bit error in next block does not occour if wrong ciphertext bit happens > to be in last 16 bytes of 512 byte CBC chain. Also, in multi-key mode first > 16 bytes of the 512 byte CBC chain are completely destroyed due to incorect > MD5 IV. In all cases the errors stay within same 512 byte block. Ok. Thats what I needed to know. > If compression is used (like in bz2aespipe script), then errors may > propagate to much larger set of data. Decompressors operate in GIGO mode, > garbage in - garbage out, and you may even get a bonus SIGSEGV if you are > lucky. So compress stuff before you put it on the loop presumably. We count losing single files as fair risk over an unknown person potentially having access to unencrypted backups. Thanks for info, Marcus -- Marcus Williams -- http://www.quintic.co.uk Quintic Ltd, 39 Newnham Road, Cambridge, UK This message is private [ ] public [*] - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/