--- On Wed, 10/22/08, markus reichelt <ml@xxxxxxxxxxxxx> wrote:

> Well, there is a filesystem of your choice on that partition anyway
> and its structure is known. Given that there are only so many
> filesystems you can put to use you already have a known plaintext
> issue of some sort. Same stuff applies for widely-used binaries,
> document formats / headers etc.
>
> In short, nope.

Ok, that's good. But the difference with the other examples you give is an attacker will not know exactly where to look for an encrypted known ascii string. It could be anywhere or nowhere on the encrypted partition. Whereas with an embedded gpg key at the beginning of the loop device, an attacker could say "I know exactly this section of ciphertext is encrypted known gpg ascii header." Maybe this would only yield a few lines of the multiline plaintext key though (I forget how much on-disk ciphertext each line of the key is for)?

> --
> left blank, right bald

-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/