Bernhard Stoevesandt wrote: > > Securitywise, your setup is broken and exploitable. I recommend that you > > re-encrypt those partitions using loop-AES version 3 on-disk format. > > o.k. i will do. why is that now anyway? because right now the passphrases > are interceptible? Your setup does not use salted+iterated key setup. Lack of salting makes it vulnerable to precomputed dictionary attacks. Lack of iteration makes dictionary attacks really fast. Your setup is using single key mode, which has weak IV computation. Weak IV makes it vulnerable to watermark attacks. -- Jari Ruusu 1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9 DB 1D EB E3 24 0E A9 DD - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
