On 12/28/2010 09:29 AM, octane indice wrote: > En réponse à Arno Wagner <arno@xxxxxxxxxxx> : >> The anzwer is actually no. As changed information has to be >> written to diek, an attacker can allways tell when a sector >> is changed. > > My idea is to cipher _all_ blocks by changing the salt. You forgot one fundamental thing. If an attacker can do snapshots in time (IOW he can read the cipher text device after user performed some changes) he has either physical access to the system or he has administrator permissions. This allows more powerfull attacks already (installing keylogger, modifying kernel, bios, ...). If an attacker has such access nothing will help you. The chain is weaker somewhere else here. > not so much, depending on how much data you cipher. > I use files of less than 100Mbytes and cipher them. On > close, a full recipher wouldn't take long. Then use encryption on filesystem level (e.g. with CTR mode, iow stream mode) and not sector level block device encryption. Milan _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
