Re: Announce loop-AES-v3.0b file/swap crypto package

>jerome etienne <jme@xxxxxxx> wrote:
> I likely miss something. Why use an encrypted fs if security isn't part 
> of your requirement?

Encryption = safety. A common misunderstanding.
I guess the question whether you use aes in CBC or LRW or else
implementation is of less importance for security of your data as the
question where you save your keys and what passphrases you choose.
Encryption is one single utility to keep data away from intruders. You could
also hide your disk in some "secret" place or hide your data in mp3 files,
store it on removable medium to take it with you or else.
But doesn't encryption benefit from the possibility to store your keys and
mount utils on removable medium so that nobody can tamper with them while you are
away? Mr. ING. Fruhwirth listed that loop-aes is vulnerable to modifications
to losetup and the utilities needed to set up an encrypted device. Sure, but
you have such probs always and loop-aes comes very close leaving nothing
behind but an entirely encrypted drive that looks like shredded.
Would you start a brute force attack on a device where you don't know if it
contains encrypted data or if it is just shredded or been exposed to intense
electromagnetic curls? Don't forget, you can always launch brute force
attacks. The question will be, attack on what?
Loop-aes leaves behind a boot sector with master boot record and a partition
table that tells attackers where the data is. As Mr. ING. Fruhwirth
explained it is possible to find blocks with same IV, right? Four partitions
with different setup will protect each other if attacker doesn't know that
there are four, or more and where they start/end.
Or how about the idea to use several layers of loop-aes encryption? Using
one layer aes-256 and then one more with twofish-256 works pretty fine - you
don't even have to know a bit about C.
Currently loop-aes uses 64 keys in multi-key mode. I guess it would be
possible to use more. As loop-aes can load and use other ciphers. Mr. ING.
Fruhwirth could write just a module with something else than CBC
implementation of aes. I guess I know why he does not.
http://clemens.endorphin.org/LinuxHDEncSettings is full of academics about
encryption but the whole site lacks installable code. So I don't see the
problem. Loop-aes is ready and available, optimized for AMD64 and runs
stable on SuSE 8.2 - 9.2. dm-cryptoloop and its various "better"
implementations are in a pre-testing phase. Until aes in CMC or LRW or else
will become available to end-users I will have to use my fantasy and think
about how all traces of data can be removed to keep attackers from looking
for content.
Maybe "sniffing some more glue", Mr. ING. Fruhwirth, will give me the right
inspiration.

Regards,
Peter

Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/