I am not really sure what you mean. Per-sector authenticatipn is infeasible as it requires additional space. This is not communication encryption where attaching a few bytes is possible. This is disk encryption where 512 encrypted bytes have to fit exactly into 512 bytes of space. Do you mean the header should authenticate itself to the user in decryption? That would only make sense if a malicious disk encryption system is assumed and would have to be done before the passphrase is given. The attacker model would be something like disk-impersonation gere or a cryptsetup or kernel that tries to steal the passphrase. Arno On Tue, May 21, 2013 at 12:31:09AM +0200, Ralf Ramsauer wrote: > Hi, > > are there any weighty reasons why there is no support for authenticated > encryption for > dm-crypt or did simply no one want to implement it up to now? :-) > > Did anyone do any work on this topic up to now? I think authenticated > encryption would > be a nice feature. > > Regards > > -- > Ralf Ramsauer > > PGP: 0x8F10049B > > _______________________________________________ > dm-crypt mailing list > dm-crypt@xxxxxxxx > http://www.saout.de/mailman/listinfo/dm-crypt -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- There are two ways of constructing a software design: One way is to make it so simple that there are obviously no deficiencies, and the other way is to make it so complicated that there are no obvious deficiencies. The first method is far more difficult. --Tony Hoare _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
