On Mon, 2005-01-31 at 10:47, Jari Ruusu wrote: > I hope you are not using the same key file to encrypt multiple DVDs. > Re-using same key file for more than one file system will lead to identical > ciphertexts. Identical ciphertexts leak information. I am using the same single key for multiple DVDs, and I am aware that this will result in repeated copies of any stuff not unique to the data volume (non overwritten space etc.) This is because I reuse the same image file for each DVD, but with different relevant data content. How much information does this leak? Obviously the attacker will know the extent to which I've rewritten the data between two disks, not a problem of itself. I would assume that I'm vulnerable to a known plaintext attack, and what matters to me is the privacy of the other information on the disk and other disks encrypted with the same single key. Whatever happens I'm not going to have a different pass phrase for each disk. On Mon, 2005-01-31 at 10:47, Jari Ruusu wrote: > Above type setup is vulnerable to watermark attacks. Just FYI. Does the watermark attack allow an attacker to do more than identify that a known plaintext is present in a certain place? I was under the impression that it would not allow the attacker to decrypt other info on the disk, in which case in my application that's not too serious. > Take a look what kind of information gets written to swap: ssh sessions, > passwords, credit card numbers, emails to your mistress, etc. You really > don't want that kind of info recorded in non-volatile storage on disk. > > Swap is one of the worst anti-security features ever conceived. Encrypted > swap solves that problem nicely. Good point, how much will encrypted swap slow down what seems to require the fastest performance I can get? I'll read your excellent readme again which I'm sure covers it. Regards, Paul Hilton - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/