Petersen wrote: > http://www.spinics.net/lists/crypto/msg02628.html states that loop-aes > 2.0f can't use multi-key encryption without using gpg-key also. loop-AES-v3.0a mount and losetup can also read multi-key from file descriptor specified with -p command line option. > I use the latest, loop-AES-v3.0a (README of November 27 2004 ), but only > swap-encryption reports multi-key-v3, losetup -a reports 'AES256' only > for drives created with > > losetup -e AES256 -itercountk=300 .... That loop device is not in multi-key mode. The -C option (itercountk= mount option) has no effect in multi-key mode. > - so no multi-key-v3. Am I sitting on a timebomp (as Jari puts it) No. The timebomb can explode only if someone uses version 3 multi-key file with losetup/mount from loop-AES-v1.X or loop-AES-v2.X, or if someone uses version 2 multi-key file with losetup/mount from loop-AES-v1.X. In other words, all is fine is you use latest losetup/mount. > I didn't build (with) gpg because I want to have a change of recreating > my data in case of loss of gpg-key. Could that be why 'make tests' > fails? For the same reason I don't use password seed; it is also > difficult to figure out how to do it, from reading the README. Please post exact error message of 'make tests' failure. > Is the security level of my setup (AES256, no gpg, no seed, > itercountk=300) to weak to bother? Too weak. Avoid that kind of setup. > Could you explain how the watermark attack work? Watermarked files use special bit patterns that happen to trigger identical ciphertexts. The number of consecutive identical ciphertexts can be controlled and is used encode watermark. -- Jari Ruusu 1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9 DB 1D EB E3 24 0E A9 DD - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/