On Mon, 28 May 2007, Jari Ruusu wrote:
> Original LRW mode has been semi-broken.
> http://grouper.ieee.org/groups/1619/email/msg00558.html
Hm, I'm using dm-crypt, but with CRYPTO_LRW disabled. So this does not
apply? (Being a crypto noob, I wonder how to find out which block-cipher
algorithm I am using or how to tell loop-aes/dm-crypt which algorithm to
use).
> > -> "dm-crypt... which leaks location of changed data in some unusual
> > situations."
> > => What exactly does this leak consist of, and has it been fixed?
> Last time I looked at dm-crypt it wasn't fixed.
> If backing storage is at some remote server, and adversary can see
> ciphertext read/write traffic, he can get snapshots of old and new
> ciphertexts and extract some information from that.
Hm, I thought this has been addressed with the introduction of ESSIV in
2.6.10, or is this a different issue?
--
BOFH excuse #28:
CPU radiator broken
-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/
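An added example (not from this thread, nor dm-crypt's or loop-AES's own code) showing the leak Jari describes and why ESSIV does not close it: two snapshots of one sector's ciphertext reveal, under CBC, the first block at which the plaintext changed. A keyed SHA-256 truncation stands in for the block cipher (an assumption; the change-propagation pattern comes from the mode, not the cipher), the key and sector contents are constructed, and the sector-number encoding is assumed.

```python
import hashlib

BLOCK = 16     # block size in bytes (AES-sized)
SECTOR = 512   # dm-crypt encrypts each 512-byte sector independently

def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in for the block cipher (assumption: keyed SHA-256, truncated;
    NOT a real or invertible cipher). Only the mode's change-propagation
    pattern matters for this leak, and that is cipher-independent."""
    return hashlib.sha256(key + block).digest()[:BLOCK]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def essiv(key: bytes, sector: int) -> bytes:
    """ESSIV: IV = E_{H(key)}(sector number). The sector number is taken as
    64-bit little-endian, zero-padded to one block (assumed encoding)."""
    salt = hashlib.sha256(key).digest()
    return toy_block_encrypt(salt, sector.to_bytes(8, "little") + bytes(8))

def cbc_essiv_encrypt_sector(key: bytes, sector: int, plaintext: bytes) -> bytes:
    """CBC over one sector, chained from the ESSIV IV (no cross-sector state)."""
    assert len(plaintext) == SECTOR
    prev = essiv(key, sector)
    out = bytearray()
    for off in range(0, SECTOR, BLOCK):
        prev = toy_block_encrypt(key, xor(prev, plaintext[off:off + BLOCK]))
        out += prev
    return bytes(out)

def changed_blocks(old_ct: bytes, new_ct: bytes) -> list:
    """Indices of ciphertext blocks that differ between two sector snapshots."""
    return [off // BLOCK for off in range(0, len(old_ct), BLOCK)
            if old_ct[off:off + BLOCK] != new_ct[off:off + BLOCK]]

def observer_view(key: bytes, sector: int, old_pt: bytes, new_pt: bytes) -> dict:
    """What someone seeing old and new ciphertext of a sector can infer:
    whether it changed and, in CBC, the first block that changed (every
    later block changes too, so the edit position is only lower-bounded)."""
    diff = changed_blocks(cbc_essiv_encrypt_sector(key, sector, old_pt),
                          cbc_essiv_encrypt_sector(key, sector, new_pt))
    return {"changed": bool(diff),
            "first_changed_block": diff[0] if diff else None,
            "changed_block_count": len(diff)}

if __name__ == "__main__":
    key = b"constructed-demo-key"            # constructed sample key
    old = bytes(SECTOR)                      # constructed: all-zero sector
    new = bytearray(old); new[300] ^= 0x01   # single-bit edit at byte 300
    print(observer_view(key, 7, old, bytes(new)))
```

Rewriting identical plaintext to the same sector yields identical ciphertext, so the observer also learns "nothing changed"; an edit at byte 300 shows up as a change starting at block 18 (300 // 16), which is the location leak the reply refers to.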