On ven., 2016-02-05 at 14:31 +0100, Arno Wagner wrote: > No. You are trying to solve the wrong problem. First, disk > encryption with 1:1 mapping will never give you integrity > protection and the other variants kill performance. I perfectly understand that, thank you. Again, I'm *well aware* of the need to store integrity patterns somewhere. I'm *not* asking for 1:1 mapping. Can I sincerely ask that you not consider at first (and second, and third) that I didn't think first about what I was asking on the list? > > And second, who says anything abot the "evil maid" changing > things in the encrypted container? I'm not following you here. > > Seriosuly, what you want you do not do with disk encryption, > but with PGP/GnuPG on file-level. Because encrypting whole disk with GnuPG doesn't really scale, for example? I have to admit I'm a bit puzzled by the question on this list, to be honest. Regards, -- Yves-Alexis
Attachment:
signature.asc
Description: This is a digitally signed message part
_______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
