En réponse à Arno Wagner <arno@xxxxxxxxxxx> : > The anzwer is actually no. As changed information has to be > written to diek, an attacker can allways tell when a sector > is changed. My idea is to cipher _all_ blocks by changing the salt. > This is a fundamental limitation of filesystem > encryption. The only way around would be to write far more > on each update, yes > with the expected catastrophic impact on > performance. > not so much, depending on how much data you cipher. I use files of less than 100Mbytes and cipher them. On close, a full recipher wouldn't take long. > > but an attacker wouldn't be able to gain any information! > > Wrong. The attacker could still detect the changed blocks. > not if I change all of them. > > Any advice on that, or a reason why the salt is not used for > > encrypting blocks? > > Because it does not help at all. Salts only help as defense > against rainbow tables. > In this situation it helps in order to change the ciphered version even if we don't change the clear. -We could change the master key: impossible in practice. -We could change the IV: I don't see how. Plus, both options can't afford a break (as of power loss) in the reciphering: which key would be used after? If we use a salt, we can always decipher, even if a break occurs while reciphering; at last, only one block could be unreadable. thanks > _______________________________________________ Envoyé avec Inmano, ma messagerie renversante et gratuite : http://www.inmano.com _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
