jerome etienne schrieb:
to modify the content of the encrypted device without being detected. http://off.net/~jme/loopdev_vul.html
are the working implementations / patches for loop-aes/cryptoloop around?
if i understand what you ask, as far as i know, nobody implemented the fix for this attack. Jari Ruusu said it was still vulnerable so i guess there is no patch.
if you care about this attack, a little google search pointed me to another way to automatically secure file, encfs, which seems to protect against this attack. it provides "per-data block MAC authentication headers : authenticate every byte of data in a file." which is the fixed i proposed when i published the paper.
it is pretty easy to code and may be done in a compatible way. moreover i think it could be a nice project.
- Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
