The following patch header is confusing given the mix of legacy and new concepts. I understand you're trying to establish context for what's new but to this reader I'm a bit lost in the jargon. Specifics below (and please forgive my naive questions). On Sun, Oct 20 2013 at 9:16am -0400, Milan Broz <gmazyland@xxxxxxxxx> wrote: > The dmcrypt already can activate TCRYPT (TrueCrypt compatible) containers > in LRW or XTS block encryption mode. > > TCRYPT containers prior to version 4.1 used CBC mode with some > additional tweaks. > > This patch adds support for these containers. > > For now, there is no support for chained ciphers, this TCW mode support > only containers encrypted with one cipher > (Tested with AES, Twofish, Serpentm CAST5 and TripleDES). What does TCW mean? How does it relate to CBC? - Is TCW mode: "CBC mode with some additional tweaks"? > While TCRYPT CBC mode is legacy and is known to be vulnerable > to some watermarking attacks (e.g. revealing of hidden disk > existence) it can be still useful to mount old containers > without using 3rd party software or for independent forensic > analysis of such containers. Now you're switching back to referring to "TCRYPT CBC mode". What happened to "TCW mode"? > (Both userspace and kernel code is independent implementation > based on format documentation and completely avoids use of original > source code.) > > Encryption uses CBC mode with special IV generated from > additional key, xored with sector number. > > There is also second key used for "whitening" of sectors. > Whitening key is xored with sector number and mixed using > CRC32 and resulting value is applied to whole sector. > (Detailed calculation is in Truecrypt documentation for version < 4.1 > and will be also described on dmcrypt site.) Can you add a pointer to the Truecrypt documentation for < 4.1? Or a pointer to the dmcrypt site documentation? > IV and whitening key is concatenated with encryption key, > so kernel receives all these keys as K|IV_key|Whitening_key > in one string. > Length of IV key is always the same as IV of selected cipher > and length of whitening key is fixed to TCW_WHITENING_SIZE, > so key string can be split properly. > > The experimental support for activation of these containers > is already present in git devel brach of cryptsetup. Again, an example that documents a theoretical ctr line (before and after patch?) would probably go a long way to help clarify what is new here. -- dm-devel mailing list dm-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/dm-devel
