Re: [PATCH] dm-crypt: disable block encryption with arc4

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 9 Feb 2010, Herbert Xu wrote:

> Mikulas Patocka <mpatocka@xxxxxxxxxx> wrote:
> > 
> > You should rather add a flag CRYPTO_ALG_CHANGES_STATE to determine that a 
> > cipher can't be used to encrypt disks.
> 
> No, please see my reply in the previous thread.  What we should
> do is fix arc4.  I just haven't got around to doing it yet.

What is the fix for arc4? Copy the internal state after a key schedule and 
restore it with every encryption?

> As to blacklisting algorithms not suitable for disk encryption,
> that is up to the dm-crypt maintainers to decide.
> 
> Cheers,

I think blacklisting "arc4" is better, because it provides a fix now. 
Otherwise, people will just keep on arguing what is the "clean" solution 
and nothing gets done.

Mikulas
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux