Re: [OT] Interference by multiple encryption.
On Dec 10, 2005, at 3:31 PM, Jan Luehr wrote:
Hello,
On Sunday, 20 November 2005 22:00, Christian Kujau wrote:
markus reichelt wrote:
i faintly remember that one of these two algos, twofish or blowfish,
is not to be used for large amounts of data, like 200 GB or so. i
don't recall the specifics, only remember that there was some kind of
catch to it. any info on this would be greatly appreciated.
i think it was a general issue with block-ciphers, as detailed here:
http://www.cryptolabs.org/aes/WeisLucksAESattacksDS1202.html
Thus is there / will there be a loop-twofish for Linux / Unix?
I used a loop-twofish for a long time.
The concern about encrypting hundreds of gigabytes WITH THE SAME KEY
is real.
Right now, loop-aes can use up to 65 keys on the data. The largest
disks I own are 400 GB, which should have about the same risk -- when
they are completely full -- of encrypting 6 GB of data with the same
key.
I am not much concerned.
What is far more difficult is getting the overall crypto-system
implementation correct. That is where the debates occur. I choose to
use loop-aes these days.
~ boyd
Boyd Waters
Socorro, New Mexico