[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Announce loop-AES-v3.0b file/swap crypto package

To: Jari Ruusu <jariruusu@xxxxxxxxxxxxxxxxxxxxx>
Subject: Re: Announce loop-AES-v3.0b file/swap crypto package
From: jerome etienne <jme@xxxxxxx>
Date: Sat, 22 Jan 2005 10:04:32 +0000
Cc: Peter_22@xxxxxx, linux-crypto@xxxxxxxxxxxx
In-reply-to: <41F1422C.27AF9E33@users.sourceforge.net>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-id: <linux-crypto.nl.linux.org>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-software: Ecartis version 1.0.0
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
References: <41F0156F.B4909E8C@users.sourceforge.net> <8776.1106258436@www42.gmx.net> <41F1422C.27AF9E33@users.sourceforge.net>
Sender: linux-crypto-bounce@xxxxxxxxxxxx
User-agent: Mozilla Thunderbird 0.7.3 (X11/20040803)

Jari Ruusu wrote:
> then attacker can

overwrite encrypted data at byte offset Z with random junk. When that random junk at byte offset Z is decrypted, the file name will decrypt to different random junk, which is not /etc/hosts.deny .

good description of the attack. just a little precision, the attacker can choose, to a certain extend, the inserted data and so the resulting plaintext. http://off.net/~jme/loopdev_vul.html sec 2.2

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

Follow-Ups:
- Re: Announce loop-AES-v3.0b file/swap crypto package
  - From: Peter_22

References:
- Re: Announce loop-AES-v3.0b file/swap crypto package
  - From: Jari Ruusu
- Re: Announce loop-AES-v3.0b file/swap crypto package
  - From: Peter_22
- Re: Announce loop-AES-v3.0b file/swap crypto package
  - From: Jari Ruusu

Prev by Date: SHA1-based C-R for authentication
Next by Date: Donate to NarutoFan.com for Child Porn
Previous by thread: Re: Announce loop-AES-v3.0b file/swap crypto package
Next by thread: Re: Announce loop-AES-v3.0b file/swap crypto package
Index(es):
- Date
- Thread