[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Loop-AES, security concerns, stability of file backed loop-aes
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Jari Ruusu schrieb:
> loop-AES is also vulnerable to attacker modifying ciphertext;
ciphertext is
> not authenticated and attacker tampered ciphertext will decrypt without
> detection. It is possible for attacker to revert whole file system
> ciphertext to some earlier version (if attacker had access and saved old
> ciphertext).
to access the ciphertext, the attacker must have access to the
(encrypted) partition / imagefile, right?
> My point is: secure software crypto in rooted or otherwise insecure box is
> impossible to achieve.
uh, <cough>, aaargh! you mean "100% secure software cry...", right?
i too think that "100% secure" is never possible, because of a lot of
things. but i also thought, loop-aes aims to be "quite secure", when it
comes to "the bad|good guys seize my harddisk". hm, but then they really
*have* access to the bare partitions and so they have access to the
ciphertext too and your mentioned ciphertext attacks are frightening me now.
i hope i've misunderstood you here...
Christian.
- --
BOFH excuse #311:
transient bus protocol violation
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFA9dbr+A7rjkF8z0wRAnERAJ4mbmuq/7Ab9PH7fFzDDN9AOjZzPQCgqJQr
hBdfLAxrErrtxxWXiX1s1Xw=
=pjjB
-----END PGP SIGNATURE-----
-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/