Re: [PATCH] Initial Vector Fix for loop.c.

Fruhwirth Clemens (clemens@endorphin.org)
Fri, 20 Jun 2003 13:15:40 +0200


On Fri, Jun 20, 2003 at 12:49:53PM +0200, Andi Kleen wrote:

Comment: [1] stands for cryptoloop's CBC mode.

> [1] the problem is that it is too predictable. consider block 0,
> which is usually filled with zeros. It also has IV==0. This means
> it is 100% equivalent to CBC and worse even has known plain text.
> Same problem applies to other blocks - the layout of most
> installations generated by standard installers is quite predictable.
> Fixing it is simple, but requires a new secret per file system.

Adding another secret doesn't improve security in that case.
Of course the first block is vulnerable to known plaintext attacks, but you
can only prevent those if you make the IV dependent on another secret.. the
key for example. But then you could have also just increased the key size,
which somehow automatically leads to the conclusion: the key is the only
secret which matters. You don't add security if you split the secret.

Clemens

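The block-0 case discussed in this message, as an added example that is not part of the original mail or of loop.c: CBC over one 512-byte sector with the sector number as IV, next to a variant whose IV is the sector number encrypted under a second key. XTEA is only a compact stand-in block cipher, and `DATA_KEY`, `IV_KEY` and all function names are constructed for this sketch.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BLOCKS 64 /* one 512-byte sector = 64 blocks of 8 bytes */

/* Constructed demo keys (assumptions, not taken from the thread). */
static const uint32_t DATA_KEY[4] = {0x01234567, 0x89abcdef, 0xfedcba98, 0x76543210};
static const uint32_t IV_KEY[4]   = {0x0f1e2d3c, 0x4b5a6978, 0x8796a5b4, 0xc3d2e1f0};

/* XTEA (64-bit block, 128-bit key), used here as a stand-in cipher. */
static void xtea_encrypt(uint32_t v[2], const uint32_t k[4]) {
    uint32_t v0 = v[0], v1 = v[1], sum = 0;
    for (int i = 0; i < 32; i++) {
        v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
        sum += 0x9E3779B9u;
        v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum >> 11) & 3]);
    }
    v[0] = v0; v[1] = v1;
}

/* CBC-encrypt one sector in place. iv_key == NULL: the IV is the public
 * sector number. Otherwise the IV is the sector number encrypted under iv_key. */
static void cbc_sector(uint32_t data[BLOCKS][2], uint32_t sector,
                       const uint32_t key[4], const uint32_t *iv_key) {
    uint32_t prev[2] = { sector, 0 };
    if (iv_key)
        xtea_encrypt(prev, iv_key);
    for (int i = 0; i < BLOCKS; i++) {
        data[i][0] ^= prev[0]; data[i][1] ^= prev[1];
        xtea_encrypt(data[i], key);
        prev[0] = data[i][0]; prev[1] = data[i][1];
    }
}

/* Returns 1 if the first ciphertext block of an all-zero sector is just E_K(0). */
static int first_block_is_raw_ek0(uint32_t sector, const uint32_t *iv_key) {
    uint32_t sec[BLOCKS][2], raw[2] = { 0, 0 };
    memset(sec, 0, sizeof sec);
    cbc_sector(sec, sector, DATA_KEY, iv_key);
    xtea_encrypt(raw, DATA_KEY);
    return sec[0][0] == raw[0] && sec[0][1] == raw[1];
}

int main(void) {
    printf("sector 0, public IV:      %d\n", first_block_is_raw_ek0(0, NULL));
    printf("sector 0, key-derived IV: %d\n", first_block_is_raw_ek0(0, IV_KEY));
    return 0;
}
```

With the public IV, the zero-filled sector 0 starts with the bare encryption of the zero block, so the IV contributes nothing there; with the key-derived IV it does not.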