On Mon, Jul 26, 2010 at 10:47:43PM +0200, Christoph Anton Mitterer wrote: > On Mon, 2010-07-26 at 10:53 +0200, Arno Wagner wrote: > > > Well but as far as I understand, this means that the same IV could be > > > used in multiple sectors (after the 32bit), right? > > Err, no? That would be "after 64 bit". > > Uhm why? If we have 64, bits but the upper 32 are masked 0 as far as I > understood... ? For plain. Not for plain64, i.e. plain is plain 64 with 32 bits masked and plain64 is full 64 bits. > > If you go over 64 bit sector numbers, definitely. However it is > > hard to quantify how large this impact would be. > But 64bit 512byte sectors would allow us a ~9,4 ZB device, right? So > that is unlikely to happen the next... say 3 years or so ;) I hope so ;-) > > > I see... what about this idea: > > > In newer releases of cryptsetup, give a warning whenever people use > > > "plain" suggesting them to use "plain64"?! > > I like this approach. > Thanks :) perhaps better than a warning would even be some interactive > question. > > > > I think this is out of scope. Somebody rezising an encrypted device > > without looking into the limits of the encryption used, is asking > > for trouble. Also there will be a FAQ entry on resizing ;-) > Well... if my calculation above is correct, we'd at least never leave > the scope with plain 64. ;-) Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@xxxxxxxxxxx GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F ---- Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans If it's in the news, don't worry about it. The very definition of "news" is "something that hardly ever happens." -- Bruce Schneier _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
