On Tue, Jul 27, 2010 at 01:42:01AM +0200, Mario 'BitKoenig' Holbe wrote: > Christoph Anton Mitterer <christoph.anton.mitterer@xxxxxxxxxxxxxxxxxxxxxx> wrote: > > I've just read some sections of the Standard... D4 and D6... it rather > > seems that really the whole size (of the partition) is meant,... and not > > No, no, no, hell, no. They don't mean a size of a partition, or a disk > or whatever. They talk about an amount of data because they mean exactly > that: an amount of data encrypted using the same key. > > If you set up dm-crypt with aes-xts-plain on a 500G partition, fill it > up with data, remove everything and fill it up again with other data you > *did* encrypt 1TB of data using the same key despite the fact that your > partition might only be 500G. > Please feel free to re-proceed the exercise with a 250G partition. > > Of course, your attacker has to be able to capture a snapshot after the > first fill-up ... And that is the real limit in practice. This is more relevant for, e.g., encrypting tape backups or other backups were a number of generations is kept. If I understand this correctly, the actual data exposure if you encrypt in the order of 2^(n/2) bits, with n your block lenght, is very small, namely two blocks. But I would need to check to be sure. > probably via some forensic magic - people who believe > in encryption often tend to also still believe in Peter Gutmann :) Here I highly recomment the Epilogue, were Gutmann puts that into perspective for modern drives: "...it's unlikely that anything can be recovered from any recent drive except perhaps a single level via basic error-cancelling techniques...". Also note that nobody claims to sucessfully have done that and all major data recovery outfits claim they cannot recover anything after a single overwerwrite with zeros on modern drives. Also note that tape is very different and Gutmann still applies there. (Original paper with updates: http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html) > regards > Mario > -- > If you think technology can solve your problems you don't understand > technology and you don't understand your problems. > -- Bruce Schneier Nice quote! Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@xxxxxxxxxxx GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F ---- Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans If it's in the news, don't worry about it. The very definition of "news" is "something that hardly ever happens." -- Bruce Schneier _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
