* Christian Kujau <lists@xxxxxxxxxxxxxxx> wrote: > >> http://mail.nl.linux.org/linux-crypto/2006-09/msg00008.html -> > >> "Both cryptoloop and dm-crypt in kernels prior to 2.6.10 are > >> vulnerable, and even recent dm-crypt still suffers from a weak > >> crypto implementation." => I will be using 2.6.20, which allows > >> for LRW mode and thus solve the watermark problem. -> > >> "dm-crypt... which leaks location of changed data in some > >> unusual situations." > > > > " ... not a big problem." = dont worry about this. > > Here the kernel version *does* matter, IOW the watermark attacks > have been fixed in 2.6.10 (see "dm-crypt: new IV mode ESSIV" > changelog entry). So "not a big problem" should read "not an issue > any more since 12/2004", no? but he already said he would be using a recent kernel, so... no. -- left blank, right bald
Attachment:
pgp1ljF7OhMAz.pgp
Description: PGP signature
