[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Announce loop-AES-v3.0b file/swap crypto package
jerome etienne wrote:
> well it is a valid argument if you assume the OS has been corrupted.
> Nevertheless this assumption isnt mandatory, here is a scenario where it
> doesnt apply:
> 1. a user encrypt a whole removable disk with loop-aes
> 2. he goes in a conference and leave it unattended in a room (bad
> practice but it happen)
> 3. an attacker gets it, insert chosen data in it and put it back
> 4. the user replugs the removable device
>
> => with the current loop-aes, the attack succeed
> o the modification goes undetected and the user uses attacker's data
> as if they were legitimate.
Only if the user failed to RTFM.
loop-AES' README clearly states that it does not authenticate ciphertext,
and as such, does not protect against ciphertext tampering attacks.
--
Jari Ruusu 1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9 DB 1D EB E3 24 0E A9 DD
-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/