[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: new article/howto for cryptoapi
/dev/random should be used insince the CBC IV's decided upon right
here. And random IV's are a good thing. :)
JLC
On Sat, Jun 01, 2002 at 01:08:33PM +0100, Dale Amon wrote:
> On Fri, May 31, 2002 at 11:37:59AM -0600, mutex wrote:
> > Ok, so here is my howto/article about installing and using the CryptoAPI
> > for loopback encryption. It was originally written article style, to be
>
> An item to discuss: in the HowTo you write the original file:
>
> dd /dev/urandom ....
>
> I usually use a /dev/zero here, and then after a losetup write the
> new file system with another dd. Sometimes I use the /dev/urandom
> here if I feel particularly like getting more mixing, but otherwise
> another 'dd /dev/zero ...' should be nearly as good since the zeroes
> are being encrypted at this point, so the file externally will look
> as random as the actual encryption algorithm allows.
>
> This has been discussed here a number of times previously and
> is my current understanding of best practice.
>
> Comments?
>
>
> -
> Linux-crypto: cryptography in and on the Linux system
> Archive: http://mail.nl.linux.org/linux-crypto/
--
http://www.certainkey.com
Suite 4560 CTTC
1125 Colonel By Dr.
Ottawa ON, K1S 5B6
C: 613.263.2983
-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/