Re: Encrypting Filesystems

Sorry to reply to my own post.  Here is a reader comment from the dmcrypt wiki - not sure to what extent these have been addressed:

[QUOTE]
I'm looking over this dmcrypt stuff but it looks like it still has the old bug of using the sector number as the IV for CBC mode encryption. The security weakness is well known. The maintainers apparently decided to keep the bug in place to help interoperability with legacy cryptoloop instances. But I think at minimum, IV generation for new installations should be done differently. There is no reason to postpone adding a new mode that generates IVs by encrypting the sector number or something like that. Keep the current method available as a backwards compatibility option, but make the default do things securely.

Also, there's the issue that the passphrase directly generates the bulk encryption key. That means if you want to change passphrases, you have to decrypt and re-encrypt the entire partition. That's painful. It's better to generate a random bulk encryption key, and use the passphrase to encrypt the bulk key on the disk (the first sector could be used for such metadata).

Finally, I think some work should be done on encrypting root partitions WITHOUT needing to boot from an external USB device. Basically just the master boot record (and maybe a little bit of GRUB) would be in cleartext. It would prompt for a passphrase and decrypt the remaining sectors needed to boot the machine.
[/QUOTE]


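The key-wrapping design suggested in the quoted comment, sketched as an added example that is not part of the original post and is not dm-crypt code: a random bulk key is stored in a small header, wrapped under a passphrase-derived key, so a passphrase change rewrites only the header. The header layout, function names and iteration count are assumptions, and because the Python standard library has no AES, a PBKDF2-derived XOR pad with an HMAC tag stands in for a real key-wrap cipher.

```python
import hashlib
import hmac
import secrets

KDF_ITERATIONS = 200_000   # assumed work factor for this sketch
SALT_LEN, KEY_LEN, TAG_LEN = 16, 32, 32

def _derive(passphrase: str, salt: bytes):
    """Stretch the passphrase into a 32-byte wrapping pad and a 32-byte MAC key."""
    out = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt,
                              KDF_ITERATIONS, dklen=KEY_LEN + 32)
    return out[:KEY_LEN], out[KEY_LEN:]

def wrap_key(bulk_key: bytes, passphrase: str) -> bytes:
    """Build the header (hypothetical layout): salt || wrapped key || tag."""
    if len(bulk_key) != KEY_LEN:
        raise ValueError("bulk key must be 32 bytes")
    salt = secrets.token_bytes(SALT_LEN)   # fresh salt per wrap: pad never reused
    pad, mac_key = _derive(passphrase, salt)
    wrapped = bytes(k ^ p for k, p in zip(bulk_key, pad))
    tag = hmac.new(mac_key, salt + wrapped, hashlib.sha256).digest()
    return salt + wrapped + tag

def unwrap_key(header: bytes, passphrase: str) -> bytes:
    """Recover the bulk key, rejecting a wrong passphrase or a damaged header."""
    if len(header) != SALT_LEN + KEY_LEN + TAG_LEN:
        raise ValueError("malformed header")
    salt = header[:SALT_LEN]
    wrapped = header[SALT_LEN:SALT_LEN + KEY_LEN]
    tag = header[SALT_LEN + KEY_LEN:]
    pad, mac_key = _derive(passphrase, salt)
    expected = hmac.new(mac_key, salt + wrapped, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong passphrase or corrupted header")
    return bytes(w ^ p for w, p in zip(wrapped, pad))

def format_volume(passphrase: str):
    """Create a new volume: the bulk key is random, never derived from the passphrase."""
    bulk_key = secrets.token_bytes(KEY_LEN)
    return bulk_key, wrap_key(bulk_key, passphrase)

def change_passphrase(header: bytes, old: str, new: str) -> bytes:
    """Re-wrap the same bulk key; the encrypted sectors are left untouched."""
    return wrap_key(unwrap_key(header, old), new)
```

A copy of the old header kept together with the old passphrase still yields the bulk key, so a suspected key compromise calls for a new bulk key and re-encryption rather than a passphrase change alone.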
