Thank you so much for the explanation.
Last question... Where does the 2^64 magic come from?

Thanks!
Alon.

On Tue, Mar 31, 2009 at 9:35 PM, Jari Ruusu <jariruusu@xxxxxxxxxxxxxxxxxxxxx> wrote:
> Alon Bar-Lev wrote:
>> 1. Where does the magic 64 come from?
>
> 64 different AES keys. First sector uses first key, second sector uses
> second key, and so on. As to why 64, and not 32 or 128: Usually 64 expanded
> AES keys stay in processor caches, 128 expanded keys probably not.
>
>> 2. Does MD5 remain safe after recent developments in this area?
>
> MD5 attacks that I have seen are such that adversary needs known MD5 state
> to attack. In loop-AES v3 on-disk format, adversary does not know the state
> before or after MD5 hash. In v2 on-disk format it was possible that
> adversary had known MD5 state before the hash.
>
>> 3. Is the usage of the same key over and over "good enough" still?
>
> One AES key should be ok for 2^64 blocks. After that, probability of
> ciphertext collision is too big. Using multiple keys reduces amount of data
> per encryption key, and as such, reduces probability of ciphertext
> collisions.
>
> --
> Jari Ruusu  1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9  DB 1D EB E3 24 0E A9 DD

-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/
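An added example, not part of the original messages and not loop-AES code: it applies the standard birthday estimate to the claim that spreading data over 64 keys reduces ciphertext collisions, first by simulation on a toy 16-bit block and then analytically for AES's 128-bit block at 2^64 blocks. Assumptions: ciphertext blocks are modelled as uniform random values, sectors hold 32 blocks, and key selection wraps around as sector index modulo the key count.

```python
import random
from collections import Counter

BLOCKS_PER_SECTOR = 32  # 512-byte sector / 16-byte AES block


def expected_pairs(total_blocks, block_bits, num_keys=1):
    """Birthday estimate of colliding ciphertext-block pairs that share a key."""
    per_key = total_blocks / num_keys
    return num_keys * per_key * (per_key - 1) / 2 / 2 ** block_bits


def simulated_pairs(total_blocks, block_bits, num_keys=1, seed=1):
    """Count same-key colliding pairs in constructed data.

    Assumption: ciphertext blocks behave like uniform random values, and
    sector i uses key i % num_keys (wrap-around is assumed, not from the thread).
    """
    rng = random.Random(seed)
    seen = Counter()
    for block in range(total_blocks):
        key = (block // BLOCKS_PER_SECTOR) % num_keys
        seen[(key, rng.getrandbits(block_bits))] += 1
    return sum(n * (n - 1) // 2 for n in seen.values())


if __name__ == "__main__":
    # Toy 16-bit block so collisions are observable: 4096 blocks = 128 sectors.
    for keys in (1, 64):
        print(keys, "key(s): simulated", simulated_pairs(4096, 16, keys),
              "estimated", round(expected_pairs(4096, 16, keys), 2))
    # Real AES block size: 2^64 blocks written in total.
    for keys in (1, 64):
        print(keys, "key(s), 128-bit blocks:", expected_pairs(2 ** 64, 128, keys))
```

For the same total amount of data, the estimate of same-key colliding pairs drops by roughly the number of keys.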