Re: Necessity for device overwriting?

* Phil Grundig <wdef200@xxxxxxxxxxx>
> I understand that overwriting the device with random data before setting
> up loop-aes on the device is needed in order to prevent an attacker
> determining how full the encrypted filesystem is.
> 
> I realize that good encryption schemes operate on a "the less information
> discernible to an attacker, the better" principle.  But, in reality, how
> useful is knowing how much data is in the filesystem to an attacker? It says
> nothing about the data itself?  And if files are put in the filesystem and
> deleted, or moved around, then gradually - with fragmentation and such -
> even this information gets lost eventually, doesn't it?
> 
> Can an attacker discern the size of individual files if the device has not
> been overwritten first?

It's a practical approach to give you a better understanding. Try less -f /dev/sdX on the device you are going to encrypt. A blank block device is filled with zeros or continually the same single character. Issuing shred /dev/sdX shows strong resemblance to what loop-aes encryption leaves behind.
In case only a first fraction of a block device is filled with such random (looking) data one might suggest you to reveal keys/passes to uncover the real nature of this information. In case you find a method of storing data using just one character please inform me as soon as possible ;-)

Kind regards,
Peter
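
Added example, not part of the original message: a block survey that shows what the reply describes, comparing an image whose unused area is still zeros with one that was overwritten before encryption. The 4096-byte block size, the 7.5 bits/byte threshold and the SHA-256 counter stream standing in for loop-aes ciphertext and shred output are assumptions of this sketch.

```python
import hashlib
import io
import math
from collections import Counter

BLOCK = 4096  # scan granularity chosen for this example (assumption)


def looks_random(block: bytes) -> bool:
    """True if the byte histogram is near-uniform (Shannon entropy > 7.5 bits/byte)."""
    n = len(block)
    entropy = -sum(c / n * math.log2(c / n) for c in Counter(block).values())
    return entropy > 7.5


def survey(stream, block_size: int = BLOCK) -> dict:
    """Count random-looking and single-character blocks in a device or image."""
    total = random_blocks = constant_blocks = 0
    while block := stream.read(block_size):
        total += 1
        if len(set(block)) == 1:        # zeros or one repeated character
            constant_blocks += 1
        elif looks_random(block):       # ciphertext or shred output
            random_blocks += 1
    return {"blocks": total, "random": random_blocks, "constant": constant_blocks,
            "random_fraction": random_blocks / total if total else 0.0}


def pseudo_random(n: int, label: bytes) -> bytes:
    """Constructed stand-in for ciphertext / shred output: SHA-256 counter stream."""
    chunks = (hashlib.sha256(label + i.to_bytes(4, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(chunks)[:n]


# Constructed sample images: 64 blocks each, the first 16 hold encrypted data.
used = pseudo_random(16 * BLOCK, b"ciphertext")
not_prefilled = used + bytes(48 * BLOCK)                    # rest still zeros
prefilled = used + pseudo_random(48 * BLOCK, b"shred")      # rest overwritten first

if __name__ == "__main__":
    # To check a real device, pass open("/dev/sdX", "rb") instead of BytesIO.
    print("not prefilled:", survey(io.BytesIO(not_prefilled)))
    print("prefilled:    ", survey(io.BytesIO(prefilled)))
```

On the image that was not overwritten the survey reports a quarter of the blocks as random-looking, which is exactly the used portion; on the overwritten image every block looks the same.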


-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/