On Tue, 9 Feb 2010, Herbert Xu wrote: > Mikulas Patocka <mpatocka@xxxxxxxxxx> wrote: > > > > You should rather add a flag CRYPTO_ALG_CHANGES_STATE to determine that a > > cipher can't be used to encrypt disks. > > No, please see my reply in the previous thread. What we should > do is fix arc4. I just haven't got around to doing it yet. What is the fix for arc4? Copy the internal state after a key schedule and restore it with every encryption? > As to blacklisting algorithms not suitable for disk encryption, > that is up to the dm-crypt maintainers to decide. > > Cheers, I think blacklisting "arc4" is better, because it provides a fix now. Otherwise, people will just keep on arguing what is the "clean" solution and nothing gets done. Mikulas -- dm-devel mailing list dm-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/dm-devel
