Re: Announce loop-AES-v3.0b file/swap crypto package

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



jerome etienne wrote:
> well it is a valid argument if you assume the OS has been corrupted.
> Nevertheless this assumption isnt mandatory, here is a scenario where it
> doesnt apply:
> 1. a user encrypt a whole removable disk with loop-aes
> 2. he goes in a conference and leave it unattended in a room (bad
>     practice but it happen)
> 3. an attacker gets it, insert chosen data in it and put it back
> 4. the user replugs the removable device
> 
> => with the current loop-aes, the attack succeed
>     o the modification goes undetected and the user uses attacker's data
>       as if they were legitimate.

Only if the user failed to RTFM.

loop-AES' README clearly states that it does not authenticate ciphertext,
and as such, does not protect against ciphertext tampering attacks.

-- 
Jari Ruusu  1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9  DB 1D EB E3 24 0E A9 DD

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/


[Index of Archives]     [Kernel]     [Linux Crypto]     [Gnu Crypto]     [Gnu Classpath]     [Netfilter]     [Bugtraq]
  Powered by Linux