I, as a user, would just like to know if my data is safe or vulnerable if I did what was told me in the loop-aes readme. Brute Force attacks can allways be started and the "attacker" will of course be able to disassemble my PC and get the hard drive. The point is just that AES with 128 or more bit is kinda strong encryption and loop-aes using GPG prevents this data from brute force attacks. So for me the present state remains that loop-aes plus GPG and multi-key mode are the safest way to encrypt a partition. I don´t know any other product like pgpdisk or else that ever reached this kind of security. Nevertheless, I´d sereously like to know which thread you are concering about. Is there anything worng with loop-aes or aes as such? I´m sorry for not getting the point... regards, Peter > Christian Kujau wrote: > > to access the ciphertext, the attacker must have access to the > > (encrypted) partition / imagefile, right? > > Yes, access to ciphertext usually needs root privileges. If attacker can > get > root, it is game over right there. > > > i too think that "100% secure" is never possible, because of a lot of > > things. but i also thought, loop-aes aims to be "quite secure", when it > > comes to "the bad|good guys seize my harddisk". hm, but then they really > > *have* access to the bare partitions and so they have access to the > > ciphertext too and your mentioned ciphertext attacks are frightening me > now. > > Like I said before, loop-AES (and cryptoloop and dm-crypt) does not > authenticate ciphertext. It is ok to let attacker get copies of ciphertext > and software, but it not ok to let attacker modify ciphertext or software > prior to legitimate user using those ciphertext or software. > > -- > Jari Ruusu 1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9 DB 1D EB E3 24 0E A9 > DD > > - > Linux-crypto: cryptography in and on the Linux system > Archive: http://mail.nl.linux.org/linux-crypto/ > - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
