John Smith wrote:
> I've read that loop-aes is more secure than dm-crypt, but also the
> contrary.

Folks who still believe that loop-AES means cryptoloop are the ones spreading such mis-information that dm-crypt is more secure than loop-AES.

> => I will be using 2.6.20, which allows for LRW mode and thus solve
> the watermark problem.

Original LRW mode has been semi-broken.
http://grouper.ieee.org/groups/1619/email/msg00558.html

> -> "dm-crypt... which leaks location of changed data in some unusual
> situations."
> => What exactly consists this leak and has it been fixed?

Last time I looked at dm-crypt it wasn't fixed. If backing storage is at some remote server, and adversary can see ciphertext read/write traffic, he can get snapshots of old and new ciphertexts and extract some information from that.

In "normal" case of lost laptop computer, adversary sees only one "latest" copy of ciphertext. So, in "normal" case this information leak does not happen.

--
Jari Ruusu 1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9 DB 1D EB E3 24 0E A9 DD

-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/
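The two-snapshot comparison described in the reply, as an added example that is not part of the original post or of dm-crypt or loop-AES code. It assumes CBC with an IV derived only from the key and sector number (the post does not spell out the mechanism), uses a toy Feistel cipher as a stand-in for AES, and every name and sample value in it is constructed.

```python
import hashlib
import hmac

BLOCK, SECTOR = 16, 512

def _f(key, rnd, half):
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:8]

def toy_encrypt_block(key, block):
    # 4-round Feistel network: a stand-in for AES, not a real cipher
    l, r = block[:8], block[8:]
    for rnd in range(4):
        l, r = r, bytes(a ^ b for a, b in zip(l, _f(key, rnd, r)))
    return l + r

def sector_iv(key, sector_no):
    # Assumption: the IV depends only on key and sector number,
    # so it is identical every time the sector is rewritten.
    return hashlib.sha256(key + sector_no.to_bytes(8, "little")).digest()[:BLOCK]

def encrypt_sector(key, sector_no, plaintext):
    prev, out = sector_iv(key, sector_no), b""
    for i in range(0, SECTOR, BLOCK):
        x = bytes(a ^ b for a, b in zip(plaintext[i:i + BLOCK], prev))
        prev = toy_encrypt_block(key, x)  # CBC chaining
        out += prev
    return out

def encrypt_disk(key, disk):
    return b"".join(encrypt_sector(key, n, disk[n * SECTOR:(n + 1) * SECTOR])
                    for n in range(len(disk) // SECTOR))

def diff_snapshots(old, new):
    """Return {sector: byte offset of the first changed ciphertext block}."""
    changed = {}
    for n in range(len(old) // SECTOR):
        a, b = old[n * SECTOR:(n + 1) * SECTOR], new[n * SECTOR:(n + 1) * SECTOR]
        for i in range(0, SECTOR, BLOCK):
            if a[i:i + BLOCK] != b[i:i + BLOCK]:
                changed[n] = i
                break
    return changed

# Constructed sample: 4-sector disk, one byte changed at offset 200 of sector 2
KEY = b"constructed-demo-key"
before = bytes(4 * SECTOR)
after = bytearray(before)
after[2 * SECTOR + 200] = 0x41
LEAK = diff_snapshots(encrypt_disk(KEY, before), encrypt_disk(KEY, bytes(after)))
print(LEAK)  # {2: 192}
```

With a single snapshot, as in the lost-laptop case, there is nothing to diff against and `diff_snapshots` has no second input to work with.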