Re: Re: Loop-AES and Twofish on 64-bit CPU

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Mr Fruhwirth (dm-crypt) and Mr Ruusu (loop-aes) have a bit of a interesting sparring history.  Read back over the list to see some of this.

For my money, loop-aes comes off as having much more credibility.

The dm-crypt people have never convincingly responded to Jari's well-aimed criticisms.  Instead they side track the debate with technobabble and arguments about threats not being significant.  But you cannot get only "a little bit" pregnant.

Peter_22@xxxxxx wrote:
Jari Ruusu wrote:
>[...] LRW mode is more vulnerable to changed location disclosure than CBC mode.
> That is because each ciphertext block depends on only one plaintext block
> and the encryption keys. In CBC mode, ciphertext also depends on
> preceeding
> plaintext blocks. The way IV is computed in loop-AES makes all ciphertext
> blocks depend on all plaintext blocks in 512 byte sector.
>
> IOW, loop-AES provides better protection against changed location
> disclosure
> than dm-crypt, cryptoloop, or ecryptfs.

Ok, I suppose this is good news! My knowledge about attacks on ciphers and galois fields is quite faint, but I seriously hope the maintanance of loop-aes will go on. Since many tutorials and websites focus on loop-aes I deem it the right choice. Knoppix includes loop-aes, SuSE does not, but that need not be a disadvantage. Clemens Fruhwirth seemed to be a wise guy but unfortunately he didn´t suggest a patch or some working files. Other mainline projects like truecrypt or parts of the standard linux kernel might be backdoored.
The loop-aes readme could include advice on how to remove partition table and boot sector and some plugin for k3b to burn encrypted cd/dvd on-the-fly would be excellent, too.

Regards,
Peter

--


"Feel free" â?? 10 GB Mailbox, 100 FreeSMS/Monat ...
Jetzt GMX TopMail testen: http://www.gmx.net/de/go/topmail

-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/


__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com

[Index of Archives]     [Kernel]     [Linux Crypto]     [Gnu Crypto]     [Gnu Classpath]     [Netfilter]     [Bugtraq]
  Powered by Linux