From owner-linux-crypto@nl.linux.org Mon Oct  1 00:03:35 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16243AbRI3WDW>; Mon, 1 Oct 2001 00:03:22 +0200
Received: from pluto.runbox.com ([193.71.199.39]:25357 "EHLO pluto.runbox.com")
	by humbolt.nl.linux.org with ESMTP id <S16429AbRI3WDC>;
	Mon, 1 Oct 2001 00:03:02 +0200
Received: from [32.103.46.39] (helo=room101.2y.net)
	by pluto.runbox.com with esmtp (Exim 3.16 #2)
	id 15nofi-0001Md-00
	for linux-crypto@nl.linux.org; Mon, 01 Oct 2001 00:02:51 +0200
Received: by room101.2y.net (Postfix, from userid 1000)
	id AD1B612A1; Sun, 30 Sep 2001 17:04:24 -0500 (CDT)
Date:	Sun, 30 Sep 2001 17:04:24 -0500
From:	Rob McGee <rob0@runbox.com>
To:	linux-crypto@nl.linux.org
Subject: Re: Start crypted volumes at bootup? / LM8.1 Upgrade (make xconfig)
Message-ID: <20010930170424.A2095@hal>
References: <Pine.LNX.4.30.0109302145580.24017-100000@backoffice.ash.de> <NBBBJHKIOKPKOGOEPEDPMEEADOAA.stuart@bh90210.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <NBBBJHKIOKPKOGOEPEDPMEEADOAA.stuart@bh90210.net>; from stuart@bh90210.net on Sun, Sep 30, 2001 at 02:27:49PM -0700
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

On Sun, Sep 30, 2001 at 02:27:49PM -0700, IT3 Stuart B. Tener, USNR-R wrote:
> I am interested to find out, when I do a "make xconfig", I cannot at all see
> which options are ticked off or not since having upgraded my Mandrake to
> 8.1. Has anyone noticed this issue? Any way it can be worked around? They

"make menuconfig" :)

Seriously, Stuart, an issue like that is probably in the configuration
of your window manager, and it could be almost anything. And it would be
way off-topic here -- you might want to take it to the Mandrake user
forums or newsgroups.

I have and use X, but I really prefer "make menuconfig" in the console.
I'll bet I spend half or more of my computer time at the good old Linux
console. Good luck.

    Rob - /dev/rob0

Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

From owner-linux-crypto@nl.linux.org Mon Oct  1 00:13:48 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16451AbRI3WNe>; Mon, 1 Oct 2001 00:13:34 +0200
Received: from mta5.snfc21.pbi.net ([206.13.28.241]:31431 "EHLO snfc21.pbi.net")
	by humbolt.nl.linux.org with ESMTP id <S16429AbRI3WNG>;
	Mon, 1 Oct 2001 00:13:06 +0200
Disposition-notification-to: stuart@bh90210.net
Received: from w2kpro01 ([206.170.209.179])
 by mta5.snfc21.pbi.net (iPlanet Messaging Server 5.1 (built May  7 2001))
 with SMTP id <0GKH0010OXPRV9@mta5.snfc21.pbi.net> for
 linux-crypto@nl.linux.org; Sun, 30 Sep 2001 15:13:04 -0700 (PDT)
Date:	Sun, 30 Sep 2001 15:09:48 -0700
From:	"IT3 Stuart B. Tener, USNR-R" <stuart@bh90210.net>
Subject: RE: Start crypted volumes at bootup? / LM8.1 Upgrade (make xconfig)
In-reply-to: <20010930170424.A2095@hal>
To:	Rob McGee <rob0@runbox.com>, linux-crypto@nl.linux.org
Reply-to: stuart@bh90210.net
Message-id: <NBBBJHKIOKPKOGOEPEDPGEEBDOAA.stuart@bh90210.net>
MIME-version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
Content-type: text/plain; charset=us-ascii
Content-transfer-encoding: 7BIT
Importance: Normal
X-Priority: 3 (Normal)
X-MSMail-priority: Normal
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

Mr. McGee, et al.:

	Yeah, it is off topic. However, there are so many intelligent minds here, I
figured I would give it a go. I know to use "make menuconfig", but I have a
customer. One who paid me to upgrade his system, and he is now asking me why
he paid to lose functionality. I cannot give him that answer, but I may end
up having to reduce what I charged him to upgrade his system, which I prefer
not to do.

	As soon as I figure out which file in the GNOME configuration sets those
sort of options, I am going to play with it. Still doing research though. I
am not an expert at GNOME configuration tidbits, but I am going to attack it
from that perspective.


Very Respectfully,

Stuart Blake Tener, IT3, USNR-R, N3GWG
Beverly Hills, California
VTU 1904G (Volunteer Training Unit)
stuart@bh90210.net
west coast: (310)-358-0202 P.O. Box 16043, Beverly Hills, CA 90209-2043
east coast: (215)-338-6005 P.O. Box 45859, Philadelphia, PA 19149-5859

Telecopier: (419)-715-6073 fax to email gateway via www.efax.com (it's
free!)

JOIN THE US NAVY RESERVE, SERVE YOUR COUNTRY, AND BENEFIT FROM IT ALL.

Sunday, September 30, 2001 3:04 PM

-----Original Message-----
From: owner-linux-crypto@nl.linux.org
[mailto:owner-linux-crypto@nl.linux.org]On Behalf Of Rob McGee
Sent: Sunday, September 30, 2001 3:04 PM
To: linux-crypto@nl.linux.org
Subject: Re: Start crypted volumes at bootup? / LM8.1 Upgrade (make xconfig)

On Sun, Sep 30, 2001 at 02:27:49PM -0700, IT3 Stuart B. Tener, USNR-R wrote:
> I am interested to find out, when I do a "make xconfig", I cannot at all see
> which options are ticked off or not since having upgraded my Mandrake to
> 8.1. Has anyone noticed this issue? Any way it can be worked around? They

"make menuconfig" :)

Seriously, Stuart, an issue like that is probably in the configuration
of your window manager, and it could be almost anything. And it would be
way off-topic here -- you might want to take it to the Mandrake user
forums or newsgroups.

I have and use X, but I really prefer "make menuconfig" in the console.
I'll bet I spend half or more of my computer time at the good old Linux
console. Good luck.

    Rob - /dev/rob0

Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/


Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

From owner-linux-crypto@nl.linux.org Mon Oct  1 00:30:26 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16491AbRI3WaU>; Mon, 1 Oct 2001 00:30:20 +0200
Received: from pluto.runbox.com ([193.71.199.39]:17156 "EHLO pluto.runbox.com")
	by humbolt.nl.linux.org with ESMTP id <S16481AbRI3WaD>;
	Mon, 1 Oct 2001 00:30:03 +0200
Received: from [32.103.46.39] (helo=room101.2y.net)
	by pluto.runbox.com with esmtp (Exim 3.16 #2)
	id 15np5u-0007Q2-00
	for linux-crypto@nl.linux.org; Mon, 01 Oct 2001 00:29:55 +0200
Received: by room101.2y.net (Postfix, from userid 1000)
	id 153A612A1; Sun, 30 Sep 2001 17:31:48 -0500 (CDT)
Date:	Sun, 30 Sep 2001 17:31:48 -0500
From:	Rob McGee <rob0@runbox.com>
To:	linux-crypto@nl.linux.org
Subject: Re: Start crypted volumes at bootup? / LM8.1 Upgrade (make xconfig)
Message-ID: <20010930173148.B2095@hal>
References: <20010930170424.A2095@hal> <NBBBJHKIOKPKOGOEPEDPGEEBDOAA.stuart@bh90210.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <NBBBJHKIOKPKOGOEPEDPGEEBDOAA.stuart@bh90210.net>; from stuart@bh90210.net on Sun, Sep 30, 2001 at 03:09:48PM -0700
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

On Sun, Sep 30, 2001 at 03:09:48PM -0700, IT3 Stuart B. Tener, USNR-R wrote:
> Yeah, it is off topic. However, there are so many intelligent minds here, I
> figured I would give it a go.

No problem. Maybe somebody will come along who knows.

> I know to use "make menuconfig", but I have a
> customer. One who paid me to upgrade his system, and he is now asking me why
> he paid to loose functionality. I cannot give him that answer, but I may end
> up having to reduce what I charged him to upgrade his system, which I prefer
> not to do.

My philosophy, both as a consultant and an end-user, is "if it ain't
broke don't fix it." But I sure understand the temptation, since you can
upgrade so frequently and cheaply (as opposed to MS charging US$90 for
minor incremental upgrades to Windows) to stay on the cutting edge.

I guess that's why they call it "cutting edge" -- you get cut. :)

   Rob - /dev/rob0

Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

From owner-linux-crypto@nl.linux.org Mon Oct  1 06:46:19 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16169AbRJAEqM>; Mon, 1 Oct 2001 06:46:12 +0200
Received: from ns4.raid.ru ([212.33.224.131]:44553 "EHLO main.raid.ru")
	by humbolt.nl.linux.org with ESMTP id <S16140AbRJAEp5>;
	Mon, 1 Oct 2001 06:45:57 +0200
Received: from [212.33.230.41] (helo=admin)
	by main.raid.ru with esmtp (Exim 3.12 #1 (Debian))
	id 15nuxa-0005P8-00
	for <linux-crypto@nl.linux.org>; Mon, 01 Oct 2001 10:45:42 +0600
From:	"Antropov Anton" <anton.antropov@kamatel.ru>
To:	<linux-crypto@nl.linux.org>
Subject: RE: Possible to determine crypto-type from crypted file?
Date:	Mon, 1 Oct 2001 10:47:48 +0600
Message-ID: <FKEELIAOLNNOBFHCOKFDMEELCBAA.anton.antropov@kamatel.ru>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
Importance: Normal
In-Reply-To: <F2259dtHXZkaIZrbKFn0000b28d@hotmail.com>
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Disposition-Notification-To: "Antropov Anton" <anton.antropov@kamatel.ru>
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

> > > Is it possible to determine what crypto-type (aes, twofish, blowfish,
> > > etc) that has been used to crypt a file by just looking in the file
> > > examining its content?

> > No.

> How can you be so sure about this? Can your refer to some document 
> proving/stating that?

It is proved by the way modern crypto algorithms work.
If you have mixed and permuted bits, how can you know what type
of algorithm was used without successful attacks and/or without
knowing the original (plain) text?

Only a special header or signature can show it, but I am sure they are
not used, for security reasons.

Regards,
Anton Antropov.

Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

From owner-linux-crypto@nl.linux.org Mon Oct  1 07:28:20 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16198AbRJAF2O>; Mon, 1 Oct 2001 07:28:14 +0200
Received: from mta06-svc.ntlworld.com ([62.253.162.46]:25222 "EHLO
	mta06-svc.ntlworld.com") by humbolt.nl.linux.org with ESMTP
	id <S16179AbRJAF2C>; Mon, 1 Oct 2001 07:28:02 +0200
Received: from kenya ([213.104.84.124]) by mta06-svc.ntlworld.com
          (InterMail vM.4.01.03.00 201-229-121) with ESMTP
          id <20011001052751.VDLD268.mta06-svc.ntlworld.com@kenya>;
          Mon, 1 Oct 2001 06:27:51 +0100
Received: from ceylon [192.168.1.1] (mail)
	by kenya with esmtp (Exim 3.12 #1 (Debian))
	id 15nnLF-000859-00; Sun, 30 Sep 2001 20:37:37 +0000
Received: from www-data by ceylon with local (Exim 3.12 #1 (Debian))
	id 15nnGN-0000Z6-00; Sun, 30 Sep 2001 20:32:35 +0000
To:	"IT3 Stuart B. Tener, USNR-R" <stuart@bh90210.net>
Subject: RE: Announce loop-AES-v1.4e file/swap crypto package
Message-ID: <1001881955.3bb7816307c6c@ceylon>
Date:	Sun, 30 Sep 2001 20:32:35 +0000 (GMT)
From:	Andrew McGuinness <a.mcguinness@ntlworld.com>
Cc:	linux-crypto@nl.linux.org
References: <NBBBJHKIOKPKOGOEPEDPGEDODOAA.stuart@bh90210.net>
In-Reply-To: <NBBBJHKIOKPKOGOEPEDPGEDODOAA.stuart@bh90210.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
User-Agent: IMP/PHP IMAP webmail program 2.2.6
X-Originating-IP: 192.168.1.1
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

Quoting "IT3 Stuart B. Tener, USNR-R" <stuart@bh90210.net>:

> Mr. Ruusu:
> 
> 	So if I understand you correctly, it is the "seed" which is allowing us
> to
> choose our own less secure phrases, and the seed makes it that much
> tougher?
> So buy using the longest "bitwise" seed we can, we are more able to feel
> comfortable with lower entropy phrases?
> 

I believe what we are talking about is called a "salt" in the literature.  It
does not have any effect on the difficulty of attacking a single target
(because the attacker knows the salt) but it removes an economy of scale
that can be used when trying to break any one of a large number of targets
simultaneously: precomputing the hashes of a large number of possible
passphrases.

If you do a search for "cryptographic salt", you'll probably find a fuller
description of the concept.

In short, it is a good feature to have, but it is not the same as having
a better passphrase, except in certain circumstances.

In particular, it does not need to be very large to have the effect of
eliminating the only attack it is useful against, so there is no real
advantage to making it larger.

--
Andrew McGuinness     Luton, UK             a.mcguinness@ntlworld.com

Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/
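The economy-of-scale point above, as an added worked example (this is not code from the thread or from loop-AES; the SHA-256 toy derivation, the candidate list and the four sample users are all constructed for illustration). Unsalted, one precomputed table of candidate hashes is checked against every stored verifier at once; salted, the attacker still knows every salt, but has to redo the candidate hashing per target, and the table needed to keep the shortcut grows by 2^(salt bits), which is why a modest salt already removes the advantage and a larger one adds nothing.

```python
import hashlib
import secrets

# Constructed sample data (not from the thread): a tiny candidate list and
# four users, two of whom picked the same weak passphrase.
CANDIDATES = ["password", "letmein", "hunter2", "qwerty", "correct horse"]
USERS = {"alice": "password", "bob": "letmein", "carol": "password", "dave": "hunter2"}


def derive(passphrase: str, salt: bytes) -> bytes:
    """Toy key derivation: SHA-256 over salt || passphrase.
    A real KDF is deliberately slow and iterated; the salt mechanics are the same."""
    return hashlib.sha256(salt + passphrase.encode("utf-8")).digest()


def store_unsalted(users):
    """Stored verifiers without salt: identical passphrases give identical hashes."""
    return {user: derive(pw, b"") for user, pw in users.items()}


def store_salted(users, salt_len=8):
    """Stored verifiers with a per-user random salt, kept in the clear beside the hash."""
    store = {}
    for user, pw in users.items():
        salt = secrets.token_bytes(salt_len)
        store[user] = (salt, derive(pw, salt))
    return store


def attack_unsalted(store, candidates):
    """Without salt one precomputed table serves every target: hash each
    candidate once, then look up all users. Returns (recovered, hash_operations)."""
    table = {derive(c, b""): c for c in candidates}
    recovered = {user: table[h] for user, h in store.items() if h in table}
    return recovered, len(candidates)


def attack_salted(store, candidates):
    """With salt the attacker still knows each salt (it is not secret), but the
    table cannot be shared: every candidate is re-hashed for every target."""
    recovered, ops = {}, 0
    for user, (salt, h) in store.items():
        for c in candidates:
            ops += 1
            if derive(c, salt) == h:
                recovered[user] = c
    return recovered, ops


def precompute_cost(n_candidates: int, salt_bits: int) -> int:
    """Table size needed to keep the precomputation shortcut against salted targets:
    one entry per (candidate, salt) pair. This is why the salt need not be large."""
    return n_candidates * (2 ** salt_bits)


if __name__ == "__main__":
    print(attack_unsalted(store_unsalted(USERS), CANDIDATES))
    print(attack_salted(store_salted(USERS), CANDIDATES))
    print(precompute_cost(len(CANDIDATES), 64))
```

Both attacks recover the same weak passphrases; the difference is only in the work per additional target (5 hashes total versus 5 per user here), which is exactly the "economy of scale" the salt removes, and not a substitute for a better passphrase.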

From owner-linux-crypto@nl.linux.org Mon Oct  1 11:14:18 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16280AbRJAJOL>; Mon, 1 Oct 2001 11:14:11 +0200
Received: from mail2.uni-bielefeld.de ([129.70.4.90]:54365 "EHLO
	mail.uni-bielefeld.de") by humbolt.nl.linux.org with ESMTP
	id <S16275AbRJAJN7>; Mon, 1 Oct 2001 11:13:59 +0200
Received: from dirichlet.mathematik.uni-bielefeld.de
 (dirichlet.Mathematik.Uni-Bielefeld.DE [129.70.24.67])
 by mail.uni-bielefeld.de
 (Sun Internet Mail Server sims.4.0.2000.10.12.16.25.p8)
 with ESMTP id <0GKI006B8SBBU0@mail.uni-bielefeld.de> for
 linux-crypto@nl.linux.org; Mon,  1 Oct 2001 11:14:00 +0200 (MET DST)
Date:	Sun, 30 Sep 2001 20:03:24 +0200
From:	Marc Mutz <Marc.Mutz@uni-bielefeld.de>
Subject: Re: Announce loop-AES-v1.4e file/swap crypto package
In-reply-to: <005801c1499c$a7f71c00$0100005a@host1>
To:	"peter k." <spam-goes-to-dev-null@gmx.net>
Cc:	linux-crypto@nl.linux.org
Message-id: <0GKI006B9SBCU0@mail.uni-bielefeld.de>
MIME-version: 1.0
X-Mailer: KMail [version 1.3.6]
Content-type: text/plain; charset=iso-8859-1
Content-transfer-encoding: 7BIT
X-KMail-Identity: Marc.Mutz@uni-bielefeld.de
References: <3BB5E09F.E3C00B5A@pp.inet.fi>
 <005801c1499c$a7f71c00$0100005a@host1>
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

On Sunday 30 September 2001 12:42, peter k. wrote:
<snip>
> and, would it be a good idea to use for example 128 bytes of urandom
> data (and i wouldnt save it to disk of course) as the seed when
> encrypting swap?
<snip>

No. When you encrypt swap, you should use a new key every time you swapon 
(and maybe even rekey periodically, say, every few days). You should 
use a key of the full key length with full entropy. If you do this, you 
don't need a seed. (and even if you did, 128 _bits_ would be more than 
enough). Also, the seed need not be secret (and can't be). It must be 
random, though, so you'd better use /dev/random instead of urandom...

Marc

-- 
Military justice is to justice what military music is to music.
                                                  -- Groucho Marx


Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

From owner-linux-crypto@nl.linux.org Mon Oct  1 20:16:55 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16393AbRJASQo>; Mon, 1 Oct 2001 20:16:44 +0200
Received: from smtp013.mail.yahoo.com ([216.136.173.57]:55816 "HELO
	smtp013.mail.yahoo.com") by humbolt.nl.linux.org with SMTP
	id <S16391AbRJASQZ>; Mon, 1 Oct 2001 20:16:25 +0200
Received: from pool-151-203-240-75.bos.east.verizon.net (HELO pcmhnew) (151.203.240.75)
  by smtp.mail.vip.sc5.yahoo.com with SMTP; 1 Oct 2001 18:16:17 -0000
X-Apparently-From: <paul?hilton@yahoo.com>
Message-ID: <000d01c14aa5$2d59be80$6601a8c0@pcmhnew>
From:	"Paul Hilton" <paul_hilton@yahoo.com>
To:	"Michel Bouissou" <michel@bouissou.net>
Cc:	<linux-crypto@nl.linux.org>
References: <002b01c14857$40699360$6601a8c0@pcmhnew> <200109282359.29804@totor.bouissou.net>
Subject: Re: International Crypto Standalone - can't install
Date:	Mon, 1 Oct 2001 14:15:47 -0400
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4522.1200
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

Michel,

Thanks for your reply,

I tried it (cryptoapi-standalone-2.4.7.0-2.4.8_26mdk1crypto.i586.rpm)
and it generated exactly the same errors as my original attempt
using the cryptoapi-2.4.7.0 I tried before; depmod -a fails with all the
same unresolved references.

losetup and mount were not a problem.

Regards,
Paul Hilton

----- Original Message -----
From: "Michel Bouissou" <michel@bouissou.net>
To: "Paul Hilton" <paul_hilton@yahoo.com>; <linux-crypto@nl.linux.org>
Sent: Friday, September 28, 2001 6:06 PM
Subject: Re: International Crypto Standalone - can't install


> On Friday 28 September 2001 21:53, Paul Hilton wrote:
> >
> > I have Red Hat 7.1, I updated the kernel, the kernel source and the kernel
> > headers with RPMs from Red Hat to 2.4.3-12. I did not recompile the kernel.
>
> I'm not sure if my cryptoapi-standalone RPMs will be compatible with your
> 2.4.3 kernel, but it might, and as it's only the matter of installing an RPM,
> you might want to give it a try...
>
> It was made for Mandrake 8.1, but the standalone version might work with a
> 2.4.3 kernel on a RedHat as well...
>
> Take a look at the documentation file at:
>
> ftp://ftp.i-quake.com/pub/crypto/linux/cryptoapi/mandrake-unofficial/8.1/RPMS/cryptoapi-2.4.7.0-2.4.8_26.README.txt
>
> Then you would only need the following 3 small RPMs from the same FTP:
> losetup-2.11h-2mdk2crypto.i586.rpm
> mount-2.11h-2mdk2crypto.i586.rpm
> cryptoapi-standalone-2.4.7.0-2.4.8_26mdk1crypto.i586.rpm
>
> I'm reasonably confident that the losetup and mount RPMs should be OK on your
> system.
>
> For the cryptoapi standalone, due to your kernel version, you will have to
> move the kernel modules by hand after installation, into the correct
> /lib/modules/<version>/cryptoapi directory for your kernel.
>
> Then, I can't tell if it will work or not, but it may be worth giving it a
> try...
>
> Good luck ;-)
>
> --
> michel@bouissou.net
> OpenPGP DH/DSS ID 0x5C2BEE8F
>
> Linux-crypto:  cryptography in and on the Linux system
> Archive:       http://mail.nl.linux.org/linux-crypto/




Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

From owner-linux-crypto@nl.linux.org Mon Oct  1 20:17:15 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16532AbRJASRN>; Mon, 1 Oct 2001 20:17:13 +0200
Received: from mta6.snfc21.pbi.net ([206.13.28.240]:19884 "EHLO snfc21.pbi.net")
	by humbolt.nl.linux.org with ESMTP id <S16391AbRJASRA>;
	Mon, 1 Oct 2001 20:17:00 +0200
Received: from w2kpro01 ([206.170.210.74])
 by mta6.snfc21.pbi.net (iPlanet Messaging Server 5.1 (built May  7 2001))
 with SMTP id <0GKJ006TUHG7AT@mta6.snfc21.pbi.net> for
 linux-crypto@nl.linux.org; Mon, 01 Oct 2001 11:16:58 -0700 (PDT)
Date:	Mon, 01 Oct 2001 11:13:38 -0700
From:	"IT3 Stuart B. Tener, USNR-R" <stuart@bh90210.net>
Subject: RE: Announce loop-AES-v1.4e file/swap crypto package
In-reply-to: <0GKI006B9SBCU0@mail.uni-bielefeld.de>
To:	Marc Mutz <Marc.Mutz@uni-bielefeld.de>,
	"peter k." <spam-goes-to-dev-null@gmx.net>
Cc:	linux-crypto@nl.linux.org
Reply-to: stuart@bh90210.net
Message-id: <NBBBJHKIOKPKOGOEPEDPMEEDDOAA.stuart@bh90210.net>
MIME-version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
Content-type: text/plain; charset=iso-8859-1
Content-transfer-encoding: 7BIT
Importance: Normal
X-Priority: 3 (Normal)
X-MSMail-priority: Normal
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

Mark, et al.:

	As I have asked before, I think it would be useful if we had some sort of
FAQ which states some of these issues and "should do it this way"
recommendations. Several months back there was a very deep exchange on
entropy, as well. Can we not put this all together in some centralized place
so people can review it and update it? If web space is the issue, I can
provide that.


Very Respectfully,

Stuart Blake Tener, IT3, USNR-R, N3GWG
Beverly Hills, California
VTU 1904G (Volunteer Training Unit)
stuart@bh90210.net
west coast: (310)-358-0202 P.O. Box 16043, Beverly Hills, CA 90209-2043
east coast: (215)-338-6005 P.O. Box 45859, Philadelphia, PA 19149-5859

Telecopier: (419)-715-6073 fax to email gateway via www.efax.com (it's
free!)

JOIN THE US NAVY RESERVE, SERVE YOUR COUNTRY, AND BENEFIT FROM IT ALL.

Monday, October 01, 2001 10:48 AM

 -----Original Message-----
From: 	owner-linux-crypto@nl.linux.org
[mailto:owner-linux-crypto@nl.linux.org]  On Behalf Of Marc Mutz
Sent:	Sunday, September 30, 2001 11:03 AM
To:	peter k.
Cc:	linux-crypto@nl.linux.org
Subject:	Re: Announce loop-AES-v1.4e file/swap crypto package

On Sunday 30 September 2001 12:42, peter k. wrote:
<snip>
> and, would it be a good idea to use for example 128 bytes of urandom
> data (and i wouldnt save it to disk of course) as the seed when
> encrypting swap?
<snip>

No. When you encrypt swap, you should use a new key every time you swapon
(and maybe even rekey periodically, say, every few days). You should
use a key of the full key length with full entropy. If you do this, you
don't need a seed. (and even if you did, 128 _bits_ would be more than
enough). Also, the seed need not be secret (and can't be). It must be
random, though, so you'd better use /dev/random instead of urandom...

Marc

--
Military justice is to justice what military music is to music.
                                                  -- Groucho Marx


Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/


Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

From owner-linux-crypto@nl.linux.org Tue Oct  2 12:53:46 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16547AbRJBKxk>; Tue, 2 Oct 2001 12:53:40 +0200
Received: from [213.235.59.34] ([213.235.59.34]:58356 "EHLO ebone.net")
	by humbolt.nl.linux.org with ESMTP id <S16340AbRJBKxb>;
	Tue, 2 Oct 2001 12:53:31 +0200
Received: (from tom@localhost)
	by ebone.net (8.11.0/8.11.0) id f92Au5001049;
	Tue, 2 Oct 2001 11:56:05 +0100
Date:	Tue, 2 Oct 2001 11:56:05 +0100
From:	Tom Molesworth <tmolesworth@gnr.com>
To:	Jonas Larsson <jonas53@hotmail.com>
Cc:	linux-crypto@nl.linux.org
Subject: Re: International Crypto Standalone - can't install
Message-ID: <20011002115605.A1023@gnr.com>
References: <F171abtneqdGSyMp69Y0000bd44@hotmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <F171abtneqdGSyMp69Y0000bd44@hotmail.com>; from jonas53@hotmail.com on Sat, Sep 29, 2001 at 01:16:05PM +0000
Organization: The Global Name Registry
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

On Sat, Sep 29, 2001 at 01:16:05PM +0000, Jonas Larsson wrote:
> # modprobe cryptoloop
> /lib/modules/2.4.3-12/cryptoapi/cryptoapi.o: unresolved symbol 
> create_proc_entry_R79ff647f
> /lib/modules/2.4.3-12/cryptoapi/cryptoapi.o: unresolved symbol 
> remove_proc_entry_R7e0bcf0f
> /lib/modules/2.4.3-12/cryptoapi/cryptoapi.o: unresolved symbol 
> proc_mkdir_Rb6104054
> /lib/modules/2.4.3-12/cryptoapi/cryptoapi.o: insmod 
> /lib/modules/2.4.3-12/cryptoapi/cryptoapi.o failed
> /lib/modules/2.4.3-12/cryptoapi/cryptoapi.o: insmod cryptoloop failed

Looks like you have "include module version numbers" turned on in
cryptoapi, and off in the kernel - or the other way 'round. Try
recompiling the kernel and cryptoapi with the "kernel module
versions" turned off.

cheers,

Tom.

Tom Molesworth <tmolesworth@gnr.com>
DNS Head Developer
The Global Name Registry 
Tel: +44 (0) 207 025 2218
Fax: +44 (0) 207 242 9105

Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/
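A small check for the symptom Tom describes, added here as an example (it is not code from the thread or from cryptoapi). Under the 2.4-era CONFIG_MODVERSIONS scheme, every exported symbol is mangled as name_R followed by an 8-hex-digit CRC of its prototype, so a module built with versioning on, loaded into a kernel with versioning off, fails with exactly the "_R<crc>" unresolved symbols Jonas quoted. The script parses modprobe/insmod output of that shape (the sample lines are the ones from the thread) and reports which side has versioning enabled; the classification strings are my own.

```python
import re
from typing import List, NamedTuple, Optional

# Sample input: the modprobe output quoted in the thread.
SAMPLE_OUTPUT = """\
/lib/modules/2.4.3-12/cryptoapi/cryptoapi.o: unresolved symbol create_proc_entry_R79ff647f
/lib/modules/2.4.3-12/cryptoapi/cryptoapi.o: unresolved symbol remove_proc_entry_R7e0bcf0f
/lib/modules/2.4.3-12/cryptoapi/cryptoapi.o: unresolved symbol proc_mkdir_Rb6104054
/lib/modules/2.4.3-12/cryptoapi/cryptoapi.o: insmod /lib/modules/2.4.3-12/cryptoapi/cryptoapi.o failed
/lib/modules/2.4.3-12/cryptoapi/cryptoapi.o: insmod cryptoloop failed
"""

UNRESOLVED_RE = re.compile(r"^(?P<module>\S+): unresolved symbol (?P<symbol>\S+)\s*$")
# genksyms (CONFIG_MODVERSIONS) appends _R<8 hex digit CRC> to each exported symbol.
VERSIONED_RE = re.compile(r"^(?P<name>.+)_R(?P<crc>[0-9a-f]{8})$")


class Unresolved(NamedTuple):
    module: str
    name: str            # symbol name with any version suffix removed
    crc: Optional[str]   # the CRC suffix, or None if the symbol was unversioned


def parse_unresolved(text: str) -> List[Unresolved]:
    """Extract every 'unresolved symbol' line, splitting off a version CRC if present."""
    found = []
    for line in text.splitlines():
        m = UNRESOLVED_RE.match(line.strip())
        if not m:
            continue
        sym = m.group("symbol")
        v = VERSIONED_RE.match(sym)
        if v:
            found.append(Unresolved(m.group("module"), v.group("name"), v.group("crc")))
        else:
            found.append(Unresolved(m.group("module"), sym, None))
    return found


def diagnose(entries: List[Unresolved]) -> str:
    """Classify the mismatch from the shape of the unresolved symbols."""
    if not entries:
        return "no unresolved symbols"
    versioned = sum(1 for e in entries if e.crc is not None)
    if versioned == len(entries):
        return ("module uses versioned symbols; kernel exports unversioned symbols "
                "(or its CRCs differ): rebuild both with the same CONFIG_MODVERSIONS setting")
    if versioned == 0:
        return ("module uses unversioned symbols; kernel exports versioned symbols: "
                "rebuild both with the same CONFIG_MODVERSIONS setting")
    return "mixed versioned and unversioned symbols; module built against a different tree"


if __name__ == "__main__":
    found = parse_unresolved(SAMPLE_OUTPUT)
    for e in found:
        print(e.module, e.name, e.crc)
    print(diagnose(found))
```

The CRC itself is not compared here (the kernel's own table is not in the sample); the point is that the suffix is present on every symbol, which already tells you that the two builds disagree on module versioning.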

From owner-linux-crypto@nl.linux.org Tue Oct  2 18:15:55 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16816AbRJBQPo>; Tue, 2 Oct 2001 18:15:44 +0200
Received: from cx230813-a.alsv1.occa.home.com ([24.1.169.123]:7175 "EHLO
	rush.lo0.org") by humbolt.nl.linux.org with ESMTP id <S16811AbRJBQPX>;
	Tue, 2 Oct 2001 18:15:23 +0200
Received: from localhost (localhost [127.0.0.1])
	by rush.lo0.org (Postfix) with ESMTP
	id BC011140; Tue,  2 Oct 2001 09:15:20 -0700 (PDT)
Date:	Tue, 2 Oct 2001 09:15:20 -0700 (PDT)
From:	<beldridg@pobox.com>
To:	<linux-crypto@nl.linux.org>
Cc:	<beldridg@pobox.com>
Subject: big problems after 2.4.10
Message-ID: <Pine.LNX.4.33.0110020910550.4157-100000@rush.lo0.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

i recently upgraded to 2.4.10 and applied the new loop.c patches by
herbert.

when i mounted an encrypted filesystem, i got quite a surprise. files were
owned by odd uids and some were _very_ large and one was even a character
device. here are some examples of the directory listing (i've removed file
names)

?--Srws-wT    1 50757    users    2374319912 Apr  7  2000
dr-srw---T    1 35441    users    406876523 Sep 17 17:19
-rw-r--r--    1 beldridg users       38400 Sep 17 17:19
-rw-r--r--    1 beldridg users       37376 Sep 23 09:16
-rwxr--r--    1 beldridg users       87552 Apr 20  1999
?rwxr--rw-    4 beldridg users        1024 Oct 11  2000 <directory>
?rwsr--rw-    4 103      users        1024 Mar 12  2001 <directory>
-rwxr-x-wx    1 beldridg users      156160 Aug  8 18:49
-rw-r--r--    1 beldridg users      164860 Dec 21  2000
-rwxr--r--    1 beldridg users      108032 Nov 20  2000
drwxr-xr-x    2 root     root        12288 Aug 16 17:40 lost+found
-rw-r--r--    1 beldridg users       34816 Sep 24 10:54
-rwxr--r--    1 beldridg users       36864 Aug 17 16:23
crwsr--rw-    8 xfs      users    160, 252 Sep  7 09:19 <directory>
drwxr-xr-x    4 beldridg users        1024 Aug 12 09:11 <directory>
?-ws--x--T    2 30056    users    3233623296 Aug 16 17:50



any ideas before i revert to 2.4.9?


- brett


Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/
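A listing like the one above is what garbage in the inode mode, uid and size fields looks like, and it can be screened mechanically. The following is an added example (not code from the thread): it parses "ls -l" style lines, using a subset of Brett's own listing as the sample, and flags entries whose fields are internally inconsistent. The checks and the 1 GiB size ceiling are my own choices for this illustration.

```python
import re
from typing import Dict, List

# Sample input: lines from the listing posted in the thread (names were removed by the poster).
LISTING = """\
?--Srws-wT    1 50757    users    2374319912 Apr  7  2000
dr-srw---T    1 35441    users    406876523 Sep 17 17:19
-rw-r--r--    1 beldridg users       38400 Sep 17 17:19
?rwxr--rw-    4 beldridg users        1024 Oct 11  2000 <directory>
crwsr--rw-    8 xfs      users    160, 252 Sep  7 09:19 <directory>
drwxr-xr-x    2 root     root        12288 Aug 16 17:40 lost+found
?-ws--x--T    2 30056    users    3233623296 Aug 16 17:50
"""

LINE_RE = re.compile(
    r"^(?P<mode>\S{10})\s+(?P<links>\d+)\s+(?P<owner>\S+)\s+(?P<group>\S+)\s+"
    r"(?P<size>\d+(?:,\s*\d+)?)\s+(?P<date>[A-Z][a-z]{2}\s+\d+\s+[\d:]+)(?:\s+(?P<name>.*))?$"
)
SIZE_LIMIT = 1 << 30      # assumption: nothing on this small volume should exceed 1 GiB
KNOWN_TYPES = "-dlcbps"   # ls type letters; anything else (e.g. '?') is an unknown mode


def check_entry(line: str) -> List[str]:
    """Return the list of inconsistencies found in one ls -l line (empty if it looks sane)."""
    m = LINE_RE.match(line)
    if not m:
        return ["unparseable line"]
    mode, owner, size = m.group("mode"), m.group("owner"), m.group("size")
    reasons = []
    if mode[0] not in KNOWN_TYPES:
        reasons.append("unknown file type %r" % mode[0])
    if owner.isdigit():
        reasons.append("owner uid %s has no passwd entry" % owner)
    # 'S' / 'T' mean setuid/setgid/sticky without the matching execute bit: legal,
    # but almost never produced on purpose and typical of random mode bits.
    if any(c in "ST" for c in mode[1:]):
        reasons.append("special bit without execute bit")
    if mode[8] == "w":
        reasons.append("world-writable")
    if mode[0] in "cb":
        if "," not in size:
            reasons.append("device node without major,minor")
    else:
        if "," in size:
            reasons.append("major,minor on non-device")
        elif int(size) > SIZE_LIMIT:
            reasons.append("implausible size %s" % size)
    return reasons


def scan_listing(text: str) -> Dict[int, List[str]]:
    """Map line index -> reasons for every flagged entry in an ls -l listing."""
    flagged = {}
    for i, line in enumerate(text.splitlines()):
        if not line.strip():
            continue
        reasons = check_entry(line)
        if reasons:
            flagged[i] = reasons
    return flagged


if __name__ == "__main__":
    for idx, reasons in scan_listing(LISTING).items():
        print(idx, LISTING.splitlines()[idx][:10], "; ".join(reasons))
```

Several independent fields going wrong at once on the same entries (type, uid, mode bits and size together) points at the block layer returning wrong data for whole inode blocks rather than at a filesystem that merely needs fsck, which is consistent with the advice in the thread to test the same container under the previous kernel.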

From owner-linux-crypto@nl.linux.org Tue Oct  2 20:40:49 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16844AbRJBSkb>; Tue, 2 Oct 2001 20:40:31 +0200
Received: from pluto.runbox.com ([193.71.199.39]:52486 "EHLO pluto.runbox.com")
	by humbolt.nl.linux.org with ESMTP id <S16836AbRJBSkM>;
	Tue, 2 Oct 2001 20:40:12 +0200
Received: from [32.103.46.68] (helo=room101.2y.net)
	by pluto.runbox.com with esmtp (Exim 3.16 #2)
	id 15oUSW-0005Gu-00
	for linux-crypto@nl.linux.org; Tue, 02 Oct 2001 20:40:03 +0200
Received: by room101.2y.net (Postfix, from userid 1000)
	id 98F3A12D9; Tue,  2 Oct 2001 13:38:39 -0500 (CDT)
Date:	Tue, 2 Oct 2001 13:38:39 -0500
From:	Rob McGee <rob0@runbox.com>
To:	linux-crypto@nl.linux.org
Subject: Re: big problems after 2.4.10
Message-ID: <20011002133839.F2095@hal>
References: <Pine.LNX.4.33.0110020910550.4157-100000@rush.lo0.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <Pine.LNX.4.33.0110020910550.4157-100000@rush.lo0.org>; from beldridg@pobox.com on Tue, Oct 02, 2001 at 09:15:20AM -0700
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

On Tue, Oct 02, 2001 at 09:15:20AM -0700, beldridg@pobox.com wrote:
> i recently upgraded to 2.4.10 and applied the new loop.c patches by
> herbert.
> 
> when i mounted an encrypted filesystem, i got quite a surprise. files were
> owned by odd uids and some were _very_ large and one was even a character
> device. here are some examples of the directory listing (i've removed file
> [snip]
> 
> any ideas before i revert to 2.4.9?

I would make a copy of it (the unmounted filesystem container) and try
fsck. Then I would try booting the old 2.4.9 again to find out if the
problem is in the filesystem or in the cryptoapi/loop drivers.

FWIW, I'm running 2.4.10 with a loop.o crafted from the old 2.4.6 patch.
I didn't use HVR's new patch; I just discarded the patch reject. I have
not yet tried any encrypted filesystem, but I am using the encryption of
swap (yes, against HVR's advice. :) So far no problems noted here.

I've been working toward the goal of encrypting my entire /home
partition, then maybe eventually going for the initrd and encrypting /.
But I had some problems reading some filesystems created with 2.4.9 and
cryptoapi both with and without IV_MODE_SECTOR, so I'm not brave enough
to proceed yet. :) (This was when still using 2.4.9.)

    Rob - /dev/rob0

Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

From owner-linux-crypto@nl.linux.org Wed Oct  3 02:50:48 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16888AbRJCAub>; Wed, 3 Oct 2001 02:50:31 +0200
Received: from cx230813-a.alsv1.occa.home.com ([24.1.169.123]:56069 "EHLO
	rush.lo0.org") by humbolt.nl.linux.org with ESMTP id <S16882AbRJCAuM>;
	Wed, 3 Oct 2001 02:50:12 +0200
Received: from localhost (localhost [127.0.0.1])
	by rush.lo0.org (Postfix) with ESMTP
	id E7B2A2F0; Tue,  2 Oct 2001 17:50:00 -0700 (PDT)
Date:	Tue, 2 Oct 2001 17:50:00 -0700 (PDT)
From:	<beldridg@best.com>
Reply-To: <beldridg@best.com>
To:	Rob McGee <rob0@runbox.com>
Cc:	<linux-crypto@nl.linux.org>
Subject: Re: big problems after 2.4.10
In-Reply-To: <20011002133839.F2095@hal>
Message-ID: <Pine.LNX.4.33.0110021748120.2872-100000@rush.lo0.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

On Tue, 2 Oct 2001, Rob McGee wrote:

> I would make a copy of it (the unmounted filesystem container) and try
> fsck.

interesting. i did fsck it under 2.4.9. maybe i'll boot into 2.4.10 and
fsck it again - although it shouldn't make a difference.

> Then I would try booting the old 2.4.9 again to find out if the
> problem is in the filesystem or in the cryptoapi/loop drivers.

everything still works in 2.4.9.

just out of curiosity, has anybody tried using 2.2.x with the cryptoapi
patch? the more i run 2.4.x, the more i think i should just wait a while
for it to get stable.

> I've been working toward the goal of encrypting my entire /home
> partition, then maybe eventually going for the initrd and encrypting
> /. But I had some problems reading some filesystems created with 2.4.9
> and cryptoapi both with and without IV_MODE_SECTOR, so I'm not brave
> enough to proceed yet. :) (This was when still using 2.4.9.)

much braver than i. :)

- brett


Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

From owner-linux-crypto@nl.linux.org Wed Oct  3 03:07:04 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16886AbRJCBGu>; Wed, 3 Oct 2001 03:06:50 +0200
Received: from SilCon.SilCon.com ([206.99.109.10]:43273 "EHLO
	silcon.silcon.com") by humbolt.nl.linux.org with ESMTP
	id <S16881AbRJCBGZ>; Wed, 3 Oct 2001 03:06:25 +0200
Received: from grape (c1555661-a.wntck1.sfba.home.com [65.11.42.206])
	by silcon.silcon.com (8.11.6/8.11.2) with ESMTP id f9316Fj14111;
	Tue, 2 Oct 2001 18:06:15 -0700
Reply-To: <gmilliken@farm9.com>
From:	"George Milliken" <gmilliken@farm9.com>
To:	<beldridg@best.com>, "Rob McGee" <rob0@runbox.com>
Cc:	<linux-crypto@nl.linux.org>
Subject: RE: big problems after 2.4.10
Date:	Tue, 2 Oct 2001 18:05:43 -0700
Message-ID: <NFBBIHEDEKGKIEDFMMMBEEGPCDAA.gmilliken@farm9.com>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
In-Reply-To: <Pine.LNX.4.33.0110021748120.2872-100000@rush.lo0.org>
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

On a clear disk you can fsck forever.....

Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

From owner-linux-crypto@nl.linux.org Wed Oct  3 03:35:23 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16882AbRJCBfF>; Wed, 3 Oct 2001 03:35:05 +0200
Received: from cx230813-a.alsv1.occa.home.com ([24.1.169.123]:14343 "EHLO
	rush.lo0.org") by humbolt.nl.linux.org with ESMTP id <S16885AbRJCBeu>;
	Wed, 3 Oct 2001 03:34:50 +0200
Received: from localhost (localhost [127.0.0.1])
	by rush.lo0.org (Postfix) with ESMTP
	id C674F2F0; Tue,  2 Oct 2001 18:34:43 -0700 (PDT)
Date:	Tue, 2 Oct 2001 18:34:43 -0700 (PDT)
From:	<beldridg@best.com>
Reply-To: <beldridg@best.com>
To:	George Milliken <gmilliken@farm9.com>
Cc:	Rob McGee <rob0@runbox.com>, <linux-crypto@nl.linux.org>
Subject: RE: big problems after 2.4.10
In-Reply-To: <NFBBIHEDEKGKIEDFMMMBEEGPCDAA.gmilliken@farm9.com>
Message-ID: <Pine.LNX.4.33.0110021834170.2872-100000@rush.lo0.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

On Tue, 2 Oct 2001, George Milliken wrote:

> On a clear disk you can fsck forever.....

agreed. i'm pretty sure it's not a problem with disk or file structure.

- brett


Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

From owner-linux-crypto@nl.linux.org Wed Oct  3 06:25:13 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16127AbRJCEY4>; Wed, 3 Oct 2001 06:24:56 +0200
Received: from mailgate5.cinetic.de ([217.72.192.165]:57747 "EHLO
	mailgate5.cinetic.de") by humbolt.nl.linux.org with ESMTP
	id <S16128AbRJCEYf>; Wed, 3 Oct 2001 06:24:35 +0200
Received: from smtp.web.de (smtp01.dlan.cinetic.de [172.20.0.189])
	by mailgate5.cinetic.de (8.11.2/8.11.2/SuSE Linux 8.11.0-0.4) with SMTP id f934N9u07103
	for <linux-crypto@nl.linux.org>; Wed, 3 Oct 2001 06:23:09 +0200
Received: from web.de by smtp.web.de with smtp
	(freemail 4.2.2.3 #20) id m15odYr-007pluC; Wed, 3 Oct 2001 06:23 +0200
Message-ID: <3BBA92AD.1294F65B@web.de>
Date:	Wed, 03 Oct 2001 06:23:09 +0200
From:	Rainer Ellinger <rainer.ellinger@web.de>
Reply-To: rainer@ellinger.de
Organization: Rainers Rechenzentrum
X-Mailer: Mozilla 4.77 [en] (X11; U; Linux 2.4.10-RE10 i586)
X-Accept-Language: en
MIME-Version: 1.0
To:	linux-crypto@nl.linux.org
Subject: Re: big problems after 2.4.10
References: <Pine.LNX.4.33.0110020910550.4157-100000@rush.lo0.org>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

beldridg@pobox.com wrote:

> when i mounted an encrypted filesystem, i got quite a surprise.
> ?--Srws-wT    1 50757    users    2374319912 Apr  7  2000
> dr-srw---T    1 35441    users    406876523 Sep 17 17:19

Don't write to the device in that state. You're going to destroy data!

This is the output if you've the right key, but you're using a different
IV (Initialisation Vector) calculation. IV handling differs between 2.2
intern. patch, 2.4 intern. patch and 2.4 hvr int. patch. The only way
would be a backup with the old method and restore to a drive using the
new software version (probably having mcrypt somewhere in the backup
pipe ;-)

-- 
rainer@ellinger.de

Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

From owner-linux-crypto@nl.linux.org Wed Oct  3 11:28:38 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16907AbRJCJ2Z>; Wed, 3 Oct 2001 11:28:25 +0200
Received: from mta7.pltn13.pbi.net ([64.164.98.8]:29903 "EHLO pltn13.pbi.net")
	by humbolt.nl.linux.org with ESMTP id <S16896AbRJCJ2N>;
	Wed, 3 Oct 2001 11:28:13 +0200
Received: from w2kpro01 ([206.170.209.39])
 by mta7.pltn13.pbi.net (iPlanet Messaging Server 5.1 (built May  7 2001))
 with SMTP id <0GKM0071DIAWVI@mta7.pltn13.pbi.net> for
 linux-crypto@nl.linux.org; Wed, 03 Oct 2001 02:28:10 -0700 (PDT)
Date:	Wed, 03 Oct 2001 02:24:35 -0700
From:	"IT3 Stuart B. Tener, USNR-R" <stuart@bh90210.net>
Subject: RE: Announce loop-AES-v1.4e file/swap crypto package
In-reply-to: <0GKI006B9SBCU0@mail.uni-bielefeld.de>
To:	linux-crypto@nl.linux.org
Reply-to: stuart@bh90210.net
Message-id: <NBBBJHKIOKPKOGOEPEDPIEEMDOAA.stuart@bh90210.net>
MIME-version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
Content-type: text/plain; charset=iso-8859-1
Content-transfer-encoding: 7BIT
Importance: Normal
X-Priority: 3 (Normal)
X-MSMail-priority: Normal
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

To whom it shall concern:

	I attempted to install and use the Mandrake 8.1 RPMs for the crypto API and
ran into a few issues I am curious about.

1) Are you supposed to get error messages like "already installed" when
doing this?
2) I read the documentation readme that came with the RPMs I downloaded, but
what is the name of the file that has the documentation in the "Doc"
directory in /usr/src/linux?
3) The Binary RPMs (of the kernel) were not usable to me, as I have my root
partition using ReiserFS and these binaries were built absent that module.
However, now that I have to rebuild the kernel (which I don't mind), how do
I verify that all the crypto patches are in place in the source tree?


Very Respectfully,

Stuart Blake Tener, IT3, USNR-R, N3GWG
Beverly Hills, California
VTU 1904G (Volunteer Training Unit)
stuart@bh90210.net
west coast: (310)-358-0202 P.O. Box 16043, Beverly Hills, CA 90209-2043
east coast: (215)-338-6005 P.O. Box 45859, Philadelphia, PA 19149-5859

Telecopier: (419)-715-6073 fax to email gateway via www.efax.com (it's
free!)

JOIN THE US NAVY RESERVE, SERVE YOUR COUNTRY, AND BENEFIT FROM IT ALL.

Wednesday, October 03, 2001 2:21 AM

-----Original Message-----
From: owner-linux-crypto@nl.linux.org
[mailto:owner-linux-crypto@nl.linux.org]On Behalf Of Marc Mutz
Sent: Sunday, September 30, 2001 11:03 AM
To: peter k.
Cc: linux-crypto@nl.linux.org
Subject: Re: Announce loop-AES-v1.4e file/swap crypto package

On Sunday 30 September 2001 12:42, peter k. wrote:
<snip>
> and, would it be a good idea to use for example 128 bytes of urandom
> data (and i wouldnt save it to disk of course) as the seed when
> encrypting swap?
<snip>

No. When you encrypt swap, you should use a new key every time you swapon
(and maybe even rekey periodically, say, every few days). You should
use a full keylength bits' key with full entropy. If you do this, you
don't need a seed. (and even if you did, 128 _bits_ would be more than
enough). Also, the seed need not be secret (and can't be). It must be
random, though, so you'd better use /dev/random instead of urandom...

Marc

--
Military justice is to justice what military music is to music.
                                                  -- Groucho Marx


Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

From owner-linux-crypto@nl.linux.org Wed Oct  3 12:51:28 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16896AbRJCKvU>; Wed, 3 Oct 2001 12:51:20 +0200
Received: from hank-fep7-0.inet.fi ([194.251.242.202]:65158 "EHLO
	fep07.tmt.tele.fi") by humbolt.nl.linux.org with ESMTP
	id <S16034AbRJCKvF>; Wed, 3 Oct 2001 12:51:05 +0200
Received: from pp.inet.fi ([212.213.41.108]) by fep07.tmt.tele.fi
          (InterMail vM.5.01.03.13 201-253-122-118-113-20010918) with ESMTP
          id <20011003105103.KZNM2632.fep07.tmt.tele.fi@pp.inet.fi>;
          Wed, 3 Oct 2001 13:51:03 +0300
Message-ID: <3BBAED6A.4A9EB6E6@pp.inet.fi>
Date:	Wed, 03 Oct 2001 13:50:18 +0300
From:	Jari Ruusu <jari.ruusu@pp.inet.fi>
X-Mailer: Mozilla 4.78 [en] (X11; U; Linux 2.2.19aa2 i686)
X-Accept-Language: en
MIME-Version: 1.0
To:	Rob McGee <rob0@runbox.com>
CC:	linux-crypto@nl.linux.org
Subject: Re: big problems after 2.4.10
References: <Pine.LNX.4.33.0110020910550.4157-100000@rush.lo0.org> <20011002133839.F2095@hal>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

Rob McGee wrote:
> FWIW, I'm running 2.4.10 with a loop.o crafted from the old 2.4.6 patch.
> I didn't use HVR's new patch; I just discarded the patch reject. I have
> not yet tried any encrypted filesystem, but I am using the encryption of
> swap (yes, against HVR's advice. :) So far no problems noted here.

Maybe you should be using loop-AES. No kernel source modifications required
and it works with swap.

Regards,
Jari Ruusu <jari.ruusu@pp.inet.fi>


Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

From owner-linux-crypto@nl.linux.org Wed Oct  3 22:49:21 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16358AbRJCUtO>; Wed, 3 Oct 2001 22:49:14 +0200
Received: from mta7.pltn13.pbi.net ([64.164.98.8]:30089 "EHLO pltn13.pbi.net")
	by humbolt.nl.linux.org with ESMTP id <S16100AbRJCUtA>;
	Wed, 3 Oct 2001 22:49:00 +0200
Received: from w2kpro01 ([206.170.209.38])
 by mta7.pltn13.pbi.net (iPlanet Messaging Server 5.1 (built May  7 2001))
 with SMTP id <0GKN00CBRDN0RQ@mta7.pltn13.pbi.net> for
 linux-crypto@nl.linux.org; Wed, 03 Oct 2001 13:45:02 -0700 (PDT)
Date:	Wed, 03 Oct 2001 13:41:25 -0700
From:	"IT3 Stuart B. Tener, USNR-R" <stuart@bh90210.net>
Subject: Reversing the MDK Kernel patches
In-reply-to: <200109262339.11938@totor.bouissou.net>
To:	Michel Bouissou <michel@bouissou.net>, linux-crypto@nl.linux.org
Reply-to: stuart@bh90210.net
Message-id: <NBBBJHKIOKPKOGOEPEDPEEFBDOAA.stuart@bh90210.net>
MIME-version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
Content-type: text/plain; charset=iso-8859-1
Content-transfer-encoding: 7BIT
Importance: Normal
X-Priority: 3 (Normal)
X-MSMail-priority: Normal
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

Dear Mr. Bouissou:

	How do I reverse the kernel patches (RPMs) in what order and with what
options, if I am interested in returning to a stock kernel for Mandrake 8.1?


Very Respectfully,

Stuart Blake Tener, IT3, USNR-R, N3GWG
Beverly Hills, California
VTU 1904G (Volunteer Training Unit)
stuart@bh90210.net
west coast: (310)-358-0202 P.O. Box 16043, Beverly Hills, CA 90209-2043
east coast: (215)-338-6005 P.O. Box 45859, Philadelphia, PA 19149-5859

Telecopier: (419)-715-6073 fax to email gateway via www.efax.com (it's
free!)

JOIN THE US NAVY RESERVE, SERVE YOUR COUNTRY, AND BENEFIT FROM IT ALL.

Wednesday, October 03, 2001 1:40 PM



Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

From owner-linux-crypto@nl.linux.org Wed Oct  3 23:08:26 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16392AbRJCVIM>; Wed, 3 Oct 2001 23:08:12 +0200
Received: from a131.abo-lyon1.i-quake.com ([213.244.6.131]:25472 "EHLO
	totor.bouissou.net") by humbolt.nl.linux.org with ESMTP
	id <S16363AbRJCVHs>; Wed, 3 Oct 2001 23:07:48 +0200
Received: (qmail 3509 invoked by uid 501); 3 Oct 2001 21:07:45 -0000
Content-Type: text/plain;
  charset="iso-8859-1"
From:	Michel Bouissou <michel@bouissou.net>
Organization: Completely disorganized
Message-Id: <200110032255.08754@totor.bouissou.net>
To:	stuart@bh90210.net, linux-crypto@nl.linux.org
Subject: Re: Reversing the MDK Kernel patches
Date:	Wed, 3 Oct 2001 23:07:45 +0200
X-Mailer: KMail [version 1.3.1]
References: <NBBBJHKIOKPKOGOEPEDPEEFBDOAA.stuart@bh90210.net>
In-Reply-To: <NBBBJHKIOKPKOGOEPEDPEEFBDOAA.stuart@bh90210.net>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

On Wednesday 3 October 2001 22:41, IT3 Stuart B. Tener, USNR-R wrote:
>
> 	How do I reverse the kernel patches (RPMs) in what order and with what
> options, if I am interested in returning to a stock kernel for Mandrake
> 8.1?

Normally, if you have followed the instructions for installation, you still 
have your standard kernel installed, and can just select it from LILO, and 
boot it anytime, and even define it as default in your lilo.conf file if you 
wish.

Now, if you want to uninstall everything back to its original state, I would 
suggest:

1) Uninstall the cryptoapi package using "rpm -e <package_name>"

2) Check with "rpm -qa | grep -i kernel" which kernel elements you have 
installed on your system, uninstall all the "kernel-something-crypto" 
packages using "rpm -e <package_name> [...]"

3) Check the symlinks in /boot so they aren't broken and point to the correct 
vmlinuz, System.map, etc.

4) Check lilo.conf, edit it, and re-run lilo. CHECK THAT EVERYTHING WENT OK 
for lilo reinstallation.

5) Reinstall the kernel-headers package from Mandrake, and optionally 
reinstall other packages you may want (kernel-source, kernel-doc, 
kernel-pcmcia...)

6) You may want to "downgrade" your mount and losetup packages, possibly by 
using "rpm -Uvh --oldpackage losetup<version_to_reinstall> 
mount<version_to_reinstall>"

You should be done by then.

Some notes: The only tricky part, as usual, is the replacement of the kernel. 
Do *NOT* reboot until you are sure that you have a usable kernel installed 
and that lilo.conf has been set accordingly, and "lilo" has been re-run.

You don't really *need* to downgrade kernel, losetup and mount. If you just 
want to get rid of the cryptoapi, you can just uninstall the cryptoapi RPM.

Hope this helps.

Regards.

-- 
michel@bouissou.net
OpenPGP DH/DSS ID 0x5C2BEE8F
If you prefer that your private e-mail stays... private,
use GnuPG: http://www.geocities.com/openpgp

Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

From owner-linux-crypto@nl.linux.org Thu Oct  4 13:29:28 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16969AbRJDL3U>; Thu, 4 Oct 2001 13:29:20 +0200
Received: from [194.46.8.33] ([194.46.8.33]:5642 "EHLO angusbay.vnl.com")
	by humbolt.nl.linux.org with ESMTP id <S16967AbRJDL3A>;
	Thu, 4 Oct 2001 13:29:00 +0200
Received: from amon by angusbay.vnl.com with local (Exim 3.22 #1)
	id 15p6i9-00007L-00 (Debian); Thu, 04 Oct 2001 12:30:41 +0100
Date:	Thu, 4 Oct 2001 12:30:41 +0100
From:	Dale Amon <amon@vnl.com>
To:	Junichi Uekawa <dancer@netfort.gr.jp>
Cc:	linux-crypto@nl.linux.org
Subject: Re: pbuilder
Message-ID: <20011004123041.I28131@vnl.com>
Mail-Followup-To: Dale Amon <amon@vnl.com>,
	Junichi Uekawa <dancer@netfort.gr.jp>, linux-crypto@nl.linux.org
References: <20010925023651.D11548@vnl.com> <Pine.GSO.4.33.0109251059270.22161-100000@rubens> <20010925120808.B16810@vnl.com> <20010925235750.J16810@vnl.com> <20010927000556.N16810@vnl.com> <20010927181944.71e4d81b.dancer@netfort.gr.jp> <20010927111417.A4866@vnl.com> <20010930024045.A28412@vnl.com> <20010930224844.B2085@vnl.com> <20011001141930.1ee0d20a.dancer@netfort.gr.jp>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20011001141930.1ee0d20a.dancer@netfort.gr.jp>
User-Agent: Mutt/1.3.22i
X-Operating-System: Linux, the choice of a GNU generation
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

I see that the .7 version is out. Haven't heard back
yet whether you want my other patches or not, the ones
for handling alternate dist script args for debootstrap.

-- 
------------------------------------------------------
Use Linux: A computer        Dale Amon, CEO/MD
is a terrible thing          Village Networking Ltd
to waste.                    Belfast, Northern Ireland
------------------------------------------------------

Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

From owner-linux-crypto@nl.linux.org Thu Oct  4 14:03:55 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16983AbRJDMDs>; Thu, 4 Oct 2001 14:03:48 +0200
Received: from posti.saunalahti.fi ([195.197.53.226]:32201 "EHLO
	vasta.saunalahti.fi") by humbolt.nl.linux.org with ESMTP
	id <S16980AbRJDMDk>; Thu, 4 Oct 2001 14:03:40 +0200
Received: from simpukka.saunalahti.fi (kossuh@simpukka [195.74.0.20])
	by vasta.saunalahti.fi (8.10.1/8.10.1) with ESMTP id f94C3hA00327
	for <linux-crypto@nl.linux.org>; Thu, 4 Oct 2001 15:03:43 +0300 (EEST)
Received: from localhost (kossuh@localhost) by simpukka.saunalahti.fi (8.8.5/8.8.3) with SMTP id PAA04436 for <linux-crypto@nl.linux.org>; Thu, 4 Oct 2001 15:03:44 +0300 (EET DST)
Date:	Thu, 4 Oct 2001 15:03:44 +0300 (EET DST)
From:	Antti =?ISO-8859-1?Q?Koskim=E4ki?= <kossuh@sci.fi>
X-Sender: kossuh@simpukka
To:	linux-crypto@nl.linux.org
Subject: up-to-date HOWTO/FAQ ?
In-Reply-To: <20011004123041.I28131@vnl.com>
Message-ID: <Pine.SOL.3.96.1011004144511.29264D-100000@simpukka>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list


I've been searching the web for up-to-date version of Linux disk
encryption howto, with no luck.

Does anyone know if there is one ?

Could someone build one ?

Another thing would be up-to-date FAQ for this mailing-list, or at least
searchable archive. Is there such anywhere ?

This mailing-list is best source of information I could find so far.

--
Antti Koskimaki, a.k.a. andy


Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

From owner-linux-crypto@nl.linux.org Thu Oct  4 14:22:17 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16985AbRJDMWJ>; Thu, 4 Oct 2001 14:22:09 +0200
Received: from [194.46.8.33] ([194.46.8.33]:14346 "EHLO angusbay.vnl.com")
	by humbolt.nl.linux.org with ESMTP id <S16982AbRJDMVv>;
	Thu, 4 Oct 2001 14:21:51 +0200
Received: from amon by angusbay.vnl.com with local (Exim 3.22 #1)
	id 15p7Xa-0000Cp-00 (Debian); Thu, 04 Oct 2001 13:23:50 +0100
Date:	Thu, 4 Oct 2001 13:23:50 +0100
From:	Dale Amon <amon@vnl.com>
To:	linux-crypto@nl.linux.org
Subject: Re: pbuilder
Message-ID: <20011004132350.J28131@vnl.com>
Mail-Followup-To: Dale Amon <amon@vnl.com>, linux-crypto@nl.linux.org
References: <Pine.GSO.4.33.0109251059270.22161-100000@rubens> <20010925120808.B16810@vnl.com> <20010925235750.J16810@vnl.com> <20010927000556.N16810@vnl.com> <20010927181944.71e4d81b.dancer@netfort.gr.jp> <20010927111417.A4866@vnl.com> <20010930024045.A28412@vnl.com> <20010930224844.B2085@vnl.com> <20011001141930.1ee0d20a.dancer@netfort.gr.jp> <20011004123041.I28131@vnl.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20011004123041.I28131@vnl.com>
User-Agent: Mutt/1.3.22i
X-Operating-System: Linux, the choice of a GNU generation
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

On Thu, Oct 04, 2001 at 12:30:41PM +0100, Dale Amon wrote:
> I see that the .7 version is out. Haven't heard back

Ooops.... wrong mail list! :-)

-- 
------------------------------------------------------
Use Linux: A computer        Dale Amon, CEO/MD
is a terrible thing          Village Networking Ltd
to waste.                    Belfast, Northern Ireland
------------------------------------------------------

Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

From owner-linux-crypto@nl.linux.org Thu Oct  4 16:42:26 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16188AbRJDOmV>; Thu, 4 Oct 2001 16:42:21 +0200
Received: from berzerk.gpcc.itd.umich.edu ([141.211.2.162]:15840 "EHLO
	berzerk.gpcc.itd.umich.edu") by humbolt.nl.linux.org with ESMTP
	id <S16510AbRJDOmG>; Thu, 4 Oct 2001 16:42:06 +0200
Received: from skywalker.citi.umich.edu (skywalker.citi.umich.edu [141.211.92.240])
        by berzerk.gpcc.itd.umich.edu (8.8.8/4.3-mailhub) with ESMTP id KAA06201
        for <linux-crypto@nl.linux.org>; Thu, 4 Oct 2001 10:42:05 -0400 (EDT)
Received: (from andros@localhost)
	by skywalker.citi.umich.edu (8.8.8/5.1-client) id KAA09645
	for linux-crypto@nl.linux.org; Thu, 4 Oct 2001 10:42:05 -0400 (EDT)
Message-Id: <200110041442.KAA09645@skywalker.citi.umich.edu>
X-Mailer: exmh version 2.0.2 2/24/98
To:	linux-crypto@nl.linux.org
Subject: des-cbc 
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date:	Thu, 04 Oct 2001 10:42:05 -0400
From:	"William A.(Andy) Adamson" <andros@umich.edu>
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

hello

i just joined the list. i'm writing the RPCSEC_GSS code for the linux kernel 
NFS v4 rpc layer. we have based our NFS v4 work on the linux 2.4.4 kernel. 
i've applied the linux 2.4.3.1 patch and smoke tested the sha1 and md5 
implementations.

i need kernel crypto - each rpcsec_gss packet that arrives at the NFSv4 client 
or server has to calculate a packet verifier (whether privacy or integrity are 
used or not).  for kerberos v5 which is the first gss mechanism i'm 
implementing, the default method of constructing and verifying the verifier is 
to first perform an md5 digest on the data, and then encrypt it using des in 
cbc mode.

i note that there is a des-cbc cipher_implementation structure declared in 
cipher-des.c, but i am unable to find the des_cbc_encrypt/decrypt functions 
referred to by the structure.

is this because they are not yet implemented? is there any code i could bleed on? i 
plan to pull down the mit_des_cbc_encrypt() function from the mit kerberos 5 
1.2.1 source ../lib/crypto/f_cbc.c which wraps des_encrypt in the cbc mode 
just to get something working....

any info would be helpful

thanks

-->Andy Adamson

see http://www.citi.umich.edu/projects/nfsv4 for NFSv4 info
and http://www.citi.umcih.edu/u/andros - my home page.


Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/
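The packet verifier Andy describes (MD5 the data, then DES-CBC encrypt the digest) is easy to get wrong at the comparison step, so here is an added Go example of the construction with a constant-time check. This is not code from the NFSv4 project or the kerneli patch: the zero IV, the key and the payload are this example's assumptions, and the real RFC 1964 checksum also mixes in a random confounder and a key variant that are not modelled here. DES keys are 56 effective bits, which is the objection Marc raises in his reply; the block is for understanding the verifier, not an endorsement of the cipher.

```go
package main

import (
	"crypto/cipher"
	"crypto/des"
	"crypto/md5"
	"crypto/subtle"
	"encoding/hex"
	"fmt"
)

// makeVerifier follows the one-sentence recipe from the mail: MD5 the
// message, then DES-CBC encrypt the 16-byte digest, which is exactly two
// DES blocks so no padding is needed. The zero IV is this example's
// assumption; the real RFC 1964 checksum also mixes in a random confounder
// and a key variant, neither of which is modelled here.
func makeVerifier(key, data []byte) ([]byte, error) {
	block, err := des.NewCipher(key) // 8-byte key, 56 effective bits
	if err != nil {
		return nil, err
	}
	digest := md5.Sum(data)
	iv := make([]byte, des.BlockSize)
	out := make([]byte, len(digest))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(out, digest[:])
	return out, nil
}

// checkVerifier recomputes the verifier for the received data and compares
// in constant time, so a mismatch does not leak which byte was wrong.
func checkVerifier(key, data, verifier []byte) (bool, error) {
	want, err := makeVerifier(key, data)
	if err != nil {
		return false, err
	}
	return subtle.ConstantTimeCompare(want, verifier) == 1, nil
}

func main() {
	key := []byte("k3rb3ros")                       // constructed 8-byte DES session key
	msg := []byte("constructed rpcsec_gss payload") // constructed packet body
	v, err := makeVerifier(key, msg)
	if err != nil {
		panic(err)
	}
	fmt.Println("verifier:", hex.EncodeToString(v))

	ok, _ := checkVerifier(key, msg, v)
	tampered := append([]byte(nil), msg...)
	tampered[0] ^= 0x01
	bad, _ := checkVerifier(key, tampered, v)
	fmt.Printf("intact packet accepted: %v, tampered packet accepted: %v\n", ok, bad)
}
```

Both sides of the RPC run the same two functions: the sender attaches makeVerifier's output, the receiver calls checkVerifier on the bytes it actually received. Rejecting any key that is not exactly 8 bytes at des.NewCipher is what keeps a truncated or empty key from silently producing a "valid" verifier.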

From owner-linux-crypto@nl.linux.org Thu Oct  4 21:53:45 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16533AbRJDTxb>; Thu, 4 Oct 2001 21:53:31 +0200
Received: from mail2.uni-bielefeld.de ([129.70.4.90]:2539 "EHLO
	mail.uni-bielefeld.de") by humbolt.nl.linux.org with ESMTP
	id <S16393AbRJDTxT>; Thu, 4 Oct 2001 21:53:19 +0200
Received: from dirichlet.mathematik.uni-bielefeld.de
 (ppp36-409.hrz.uni-bielefeld.de [129.70.37.153])
 by mail.uni-bielefeld.de (Sun Internet Mail Server
 sims.4.0.2000.10.12.16.25.p8)
 with ESMTP id <0GKP00FMD5WNZN@mail.uni-bielefeld.de> for
 linux-crypto@nl.linux.org; Thu,  4 Oct 2001 21:53:21 +0200 (MET DST)
Date:	Thu, 04 Oct 2001 19:42:02 +0200
From:	Marc Mutz <Marc.Mutz@uni-bielefeld.de>
Subject: Re: des-cbc
In-reply-to: <200110041442.KAA09645@skywalker.citi.umich.edu>
To:	"William A.(Andy) Adamson" <andros@umich.edu>
Cc:	linux-crypto@nl.linux.org
Message-id: <0GKP00FMO5WVZN@mail.uni-bielefeld.de>
MIME-version: 1.0
X-Mailer: KMail [version 1.3.6]
Content-type: text/plain; charset=iso-8859-1
Content-transfer-encoding: 7BIT
X-KMail-Identity: Marc.Mutz@uni-bielefeld.de
References: <200110041442.KAA09645@skywalker.citi.umich.edu>
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thursday 04 October 2001 16:42, William A.(Andy) Adamson wrote:
<snip>
> i need kernel crypto - each rpcsec_gss packet that arrives at the
> NFSv4 client or server has to calculate a packet verifier (whether
> privacy or integrity are used or not).  for kerberos v5 which is the
> first gss mechanism i'm implementing, the default method of
> constructing and verifying the verifier is to first perform an md5
> digest on the data, and then encrypt it using des in cbc mode.

Is there really no other cipher option than DES? It's broken, you know. 
FreeSWAN is deliberately excluding it, even though it's part of the 
standard. I wouldn't support it in new projects.

> i note that there is a des-cbc cipher_implementation structure
> declared in cipher-des.c, but i am unable to find the
> des_cbc_encrypt/decrypt functions referred to by the structure.

IIRC, they're auto-generated. The cipher module just provides the 
"encrypt a single block" function and a cpp-macro implements functions 
that can encrypt data using different modes.

> is because they are not yet implemented? is there any code i could
> bleed on? i plan to pull down the mit_des_cbc_encrypt() function from
> the mit kerberos 5 1.2.1 source ../lib/crypto/f_cbc.c which wraps
> des_encrypt in the cbc mode just to get something working....
<snip>

I don't know whether the DES implementation in the kerneli patch does 
work or not. Maybe you should just test it. For loopback-encryption it 
doesn't work, but that is due to the way it expects its key, which 
losetup doesn't support.

Marc

- -- 
Eternal vigilance is the price of liberty   -- Thomas Jefferson
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE7vJ9q3oWD+L2/6DgRAu9+AJ4hZoaVRr1+GkCLvobkOPXdd0x1/QCgsN/X
rb+vXpjHYB3x3SZP1V9C3uU=
=c31u
-----END PGP SIGNATURE-----


Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/
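Two points in this thread deserve a worked illustration: Rainer's diagnosis of the garbled listing (right key, different IV calculation) and Marc's remark that the kerneli mode functions are generated from nothing but a cipher's single-block encrypt. The Go example below is added here and is not code from the kerneli patch, loop-AES or any of the posters: it hand-builds CBC over AES from the one-block Encrypt call, then encrypts a constructed 512-byte sector under a sector-number IV and decrypts it under an all-zero IV. The names IVZero and IVSector, the little-endian IV layout and the use of AES are this example's assumptions, not the patch's actual encoding. What it shows is that a mismatched IV in CBC garbles only the first cipher block of each sector, and only the bytes where the two IVs differ, which is why a filesystem read under the wrong IV scheme looks half-intact rather than like noise, and why writing to it in that state (as Rainer warns) would silently mix the two schemes on disk.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

// IVMode stands in for the two IV calculations the thread contrasts.
// The names are this example's own, not identifiers from the kerneli patch.
type IVMode int

const (
	IVZero   IVMode = iota // every sector is chained from an all-zero IV
	IVSector               // sector-number IV, in the spirit of IV_MODE_SECTOR
)

const sectorSize = 512

// sectorIV returns the IV for one sector: the little-endian sector number in
// the first 8 bytes, zero-padded to the block size. The layout is assumed.
func sectorIV(mode IVMode, sector uint64, blockSize int) []byte {
	iv := make([]byte, blockSize)
	if mode == IVSector {
		binary.LittleEndian.PutUint64(iv, sector)
	}
	return iv
}

// cbcEncrypt builds CBC from nothing but the cipher's single-block Encrypt,
// which is what Marc says the kerneli cpp macros generate for each cipher.
// len(src) must be a multiple of the block size.
func cbcEncrypt(b cipher.Block, iv, src []byte) []byte {
	bs := b.BlockSize()
	out := make([]byte, len(src))
	x := make([]byte, bs)
	prev := iv
	for i := 0; i < len(src); i += bs {
		for j := 0; j < bs; j++ {
			x[j] = src[i+j] ^ prev[j] // chain plaintext with previous ciphertext
		}
		b.Encrypt(out[i:i+bs], x)
		prev = out[i : i+bs]
	}
	return out
}

// cbcDecrypt uses the library's CBC decrypter, so a zero-difference round
// trip also proves the hand-built encrypter above is real CBC.
func cbcDecrypt(b cipher.Block, iv, src []byte) []byte {
	out := make([]byte, len(src))
	cipher.NewCBCDecrypter(b, iv).CryptBlocks(out, src)
	return out
}

// corruptedBytes encrypts one constructed 512-byte sector under writeMode,
// decrypts it under readMode and counts the bytes that no longer match.
// In CBC only the first block can differ, and there only where the IVs do.
func corruptedBytes(key []byte, writeMode, readMode IVMode, sector uint64) (int, error) {
	b, err := aes.NewCipher(key)
	if err != nil {
		return 0, err
	}
	plain := make([]byte, sectorSize)
	for i := range plain {
		plain[i] = byte(i) // constructed, recognisable sector content
	}
	ct := cbcEncrypt(b, sectorIV(writeMode, sector, b.BlockSize()), plain)
	got := cbcDecrypt(b, sectorIV(readMode, sector, b.BlockSize()), ct)
	n := 0
	for i := range plain {
		if plain[i] != got[i] {
			n++
		}
	}
	return n, nil
}

func main() {
	key := []byte("0123456789abcdef") // constructed 128-bit AES key
	for _, s := range []uint64{0, 1, 0x0102, 0x10000} {
		n, _ := corruptedBytes(key, IVSector, IVZero, s)
		fmt.Printf("sector %#x: %d of %d bytes garbled on read\n", s, n, sectorSize)
	}
}
```

Sector 0 reads back cleanly under either mode because its sector-number IV is all zeros, which is exactly the kind of partial success that makes an IV mismatch look like filesystem damage rather than a crypto configuration difference; the rest of each sector decrypts correctly because CBC decryption of block i depends only on ciphertext blocks i-1 and i. The practical check before trusting such a volume is therefore Rob's: read-only, on a copy, under the old kernel and the new one.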

From owner-linux-crypto@nl.linux.org Thu Oct  4 21:53:54 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16397AbRJDTxh>; Thu, 4 Oct 2001 21:53:37 +0200
Received: from mail2.uni-bielefeld.de ([129.70.4.90]:1515 "EHLO
	mail.uni-bielefeld.de") by humbolt.nl.linux.org with ESMTP
	id <S16389AbRJDTxR>; Thu, 4 Oct 2001 21:53:17 +0200
Received: from dirichlet.mathematik.uni-bielefeld.de
 (ppp36-409.hrz.uni-bielefeld.de [129.70.37.153])
 by mail.uni-bielefeld.de (Sun Internet Mail Server
 sims.4.0.2000.10.12.16.25.p8)
 with ESMTP id <0GKP00FMD5WNZN@mail.uni-bielefeld.de> for
 linux-crypto@nl.linux.org; Thu,  4 Oct 2001 21:53:18 +0200 (MET DST)
Date:	Thu, 04 Oct 2001 19:33:24 +0200
From:	Marc Mutz <Marc.Mutz@uni-bielefeld.de>
Subject: Re: up-to-date HOWTO/FAQ ?
In-reply-to: <Pine.SOL.3.96.1011004144511.29264D-100000@simpukka>
To:	Antti =?iso-8859-1?q?Koskim=E4ki?= <kossuh@sci.fi>,
	linux-crypto@nl.linux.org
Message-id: <0GKP00FML5WSZN@mail.uni-bielefeld.de>
MIME-version: 1.0
X-Mailer: KMail [version 1.3.6]
Content-type: text/plain; charset=iso-8859-1
Content-transfer-encoding: 8BIT
X-KMail-Identity: Marc.Mutz@uni-bielefeld.de
References: <Pine.SOL.3.96.1011004144511.29264D-100000@simpukka>
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thursday 04 October 2001 14:03, Antti Koskimäki wrote:
> I've been searching the web for up-to-date version of Linux disk
> encryption howto, with no luck.

The Encryption-HOWTO is still quite accurate. It's not that so much has 
changed since the last release, only that 2.4 is now possible and 
there's loop-AES as a lightweight replacement. And the current 
kerneli-patches are now at people/hvr, instead of crypto/2.x, in the 
kernel.org tree.

> This mailing-list is best source of information I could find so far.

It's supposed to be :-)

Marc

- -- 
I consider the terrorist attacks on September 11th to be an attack
against America's ideals. If our freedoms erode because of those
attacks, then the terrorists have won.
                            -- Bruce Schneier, Crypto-Gram 09/2001
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE7vJ1k3oWD+L2/6DgRApwlAKClWdGHxOFpDCacAsJDIj0mKzMM3QCgrN0l
eLdc3S+ptbAOVK+c/MKsZfA=
=Cj2z
-----END PGP SIGNATURE-----



From owner-linux-crypto@nl.linux.org Thu Oct  4 21:59:27 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16614AbRJDT7K>; Thu, 4 Oct 2001 21:59:10 +0200
Received: from syjon.fantastyka.net ([158.75.63.36]:61702 "EHLO
	syjon.fantastyka.net") by humbolt.nl.linux.org with ESMTP
	id <S16342AbRJDT66> convert rfc822-to-8bit; Thu, 4 Oct 2001 21:58:58 +0200
Received: from alex by syjon.fantastyka.net with local (Exim 3.31 #1 (Debian))
	id 15pEYu-0005ko-00; Thu, 04 Oct 2001 21:53:40 +0200
Subject: Re: des-cbc
In-Reply-To: <0GKP00FMO5WVZN@mail.uni-bielefeld.de> from Marc Mutz at "Oct 4,
 2001 07:42:02 pm"
To:	Marc Mutz <Marc.Mutz@uni-bielefeld.de>
Date:	Thu, 4 Oct 2001 21:53:39 +0200 (CEST)
CC:	"William A.(Andy) Adamson" <andros@umich.edu>,
	linux-crypto@nl.linux.org
From:	Janusz A. Urbanowicz <alex@bofh.torun.pl>
X-Mailer: ELM [version 2.4ME+ PL66 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-2
Content-Transfer-Encoding: 8BIT
Message-Id: <E15pEYu-0005ko-00@syjon.fantastyka.net>
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

Marc Mutz wrote:
-- Start of PGP signed section.
> On Thursday 04 October 2001 16:42, William A.(Andy) Adamson wrote:
> <snip>
> > i need kernel crypto - each rpcsec_gss packet that arrives at the
> > NFSv4 client or server has to calculate a packet verifier (whether
> > privacy or integrity are used or not).  for kerberos v5 which is the
> > first gss mechanism i'm implementing, the default method of
> > constructing and verifying the verifier is to first perform an md5
> > digest on the data, and then encrypt it using des in cbc mode.
> 
> Is there really no other cipher option than DES? It's broken, you know.
> FreeSWAN is deliberately excluding it, even though it's part of the
> standard. I wouldn't support it in new projects.

I wouldn't dare to call DES broken. It is the most researched algorithm we
have, with the only weakness of key size (which is cured by using 3DES).

Alex
-- 
C _-=-_ H| Janusz A. Urbanowicz | ALEX3-RIPE | SF-F Framling |                  |   *
 ; (_O : +----------------------------------------------------------------------+ --+~|
 ! &~) ? | Ship me somewheres east of Suez, where the best is like the worst,   | l_|/
A ~-=-~ O| Where there aren't no Ten Commandments an' a man can raise a thirst; |   |


From owner-linux-crypto@nl.linux.org Thu Oct  4 22:20:47 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S17012AbRJDUUl>; Thu, 4 Oct 2001 22:20:41 +0200
Received: from eik.ii.uib.no ([129.177.16.3]:27877 "EHLO ii.uib.no")
	by humbolt.nl.linux.org with ESMTP id <S17008AbRJDUUN> convert rfc822-to-8bit;
	Thu, 4 Oct 2001 22:20:13 +0200
Received: from apal-192.ii.uib.no (apal.ii.uib.no) [129.177.192.27] 
	by ii.uib.no with esmtp (Exim 3.03)
	id 15pEya-0004hk-00 ; Thu, 04 Oct 2001 22:20:12 +0200
Received: (from gisle@localhost)
	by apal.ii.uib.no (8.10.2+Sun/8.10.2) id f94KKBn05335;
	Thu, 4 Oct 2001 22:20:11 +0200 (MEST)
Date:	Thu, 4 Oct 2001 22:20:10 +0200 (MEST)
From:	Gisle Sælensminde <gisle@ii.uib.no>
To:	"William A.(Andy) Adamson" <andros@umich.edu>
cc:	linux-crypto@nl.linux.org
Subject: Re: des-cbc 
In-Reply-To: <200110041442.KAA09645@skywalker.citi.umich.edu>
Message-ID: <Pine.SOL.4.40.0110042207180.4106-100000@apal.ii.uib.no>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=ISO-8859-1
Content-Transfer-Encoding: 8BIT
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

On Thu, 4 Oct 2001, William A.(Andy) Adamson wrote:

> hello
>
> i just joined the list. i'm writing the RPCSEC_GSS code for the linux kernel
> NFS v4 rpc layer. we have based our NFS v4 work on the linux 2.4.4 kernel.
> i've applied the linux 2.4.3.1 patch and smoke tested the sha1 and md5
> implementations.
>
> i need kernel crypto - each rpcsec_gss packet that arrives at the NFSv4 client
> or server has to calculate a packet verifier (whether privacy or integrity are
> used or not).  for kerberos v5 which is the first gss mechanism i'm
> implementing, the default method of constructing and verifying the verifier is
> to first perform an md5 digest on the data, and then encrypt it using des in
> cbc mode.
>
> i note that there is a des-cbc cipher_implementation structure declared in
> cipher-des.c, but i am unable to find the des_cbc_encrypt/decrypt functions
> refered to by the structure.
>
> is because they are not yet implemented? is there any code i could bleed on? i
> plan to pull down the mit_des_cbc_encrypt() function from the mit kerberos 5
> 1.2.1 source ../lib/crypto/f_cbc.c which wraps des_encrypt in the cbc mode
> just to get something working....
>
> any info would be helpful

I have some problems understanding what you try to do. Do you:

1) Try to use the cryptoapi to do your task.
or
2) Try to use lowlevel routines directly.

Alternative 2 is not possible with the current code, since the lowlevel
encryption routines are static.

Also, you should know that the DES implementation in kerneli requires
the parity bits of the key to be correctly set. The 3des cipher doesn't.
It's possible to change the key schedule of DES to fix this problem,
otherwise you must fix the parity bits yourself. The parity bits make
no sense in software implementations (and in few HW implementations IMHO)

>
> thanks
>
> -->Andy Adamson
>
> see http://www.citi.umich.edu/projects/nfsv4 for NFSv4 info
> and http://www.citi.umcih.edu/u/andros - my home page.
>
>
> Linux-crypto:  cryptography in and on the Linux system
> Archive:       http://mail.nl.linux.org/linux-crypto/
>

-- 
Gisle Sælensminde ( gisle@ii.uib.no )

With sufficient thrust, pigs fly just fine. However, this is not
necessarily a good idea. It is hard to be sure where they are going
to land, and it could be dangerous sitting under them as they fly
overhead. (from RFC 1925)


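Gisle's point about the parity bits, as an added example (not kerneli or MIT Kerberos code; the helpers and their names are written for this note): a DES key is 8 bytes of which 56 bits are used, and the low bit of each byte is an odd-parity bit. A key that arrives from elsewhere, such as the Kerberos session key an RPCSEC_GSS context receives, may carry anything in those bits, so a parity-checking DES implementation has to be given a fixed-up copy. The inputs in the checks are constructed; one of them is the 13 34 57 79 9B BC DF F1 key that many DES walk-throughs use, which already has correct parity.

```c
/* Added example: DES key parity check and fix-up. */
#include <stdint.h>
#include <stddef.h>

/* Number of set bits among the seven key bits (bits 7..1) of one byte. */
static int popcount7(uint8_t b)
{
    int n = 0;
    for (b >>= 1; b; b >>= 1) n += b & 1;
    return n;
}

/* 1 if every byte of the 8-byte key has odd parity, else 0. */
int des_key_parity_ok(const uint8_t key[8])
{
    for (int i = 0; i < 8; i++) {
        int ones = popcount7(key[i]) + (key[i] & 1);
        if ((ones & 1) == 0) return 0;
    }
    return 1;
}

/* Overwrite the low bit of each byte so the byte has odd parity. The 56
 * key bits are untouched. Returns how many bytes had to change. */
int des_fix_key_parity(uint8_t key[8])
{
    int changed = 0;
    for (int i = 0; i < 8; i++) {
        uint8_t want = (popcount7(key[i]) & 1) ? 0 : 1;  /* make total odd */
        if ((key[i] & 1) != want) {
            key[i] = (uint8_t)((key[i] & 0xfe) | want);
            changed++;
        }
    }
    return changed;
}

/* Expand a raw 56-bit key (7 bytes, MSB first) into the 8-byte form with
 * parity bits, which is what the kernel cipher expects to be handed. */
void des_key_from_56(const uint8_t in[7], uint8_t out[8])
{
    uint64_t v = 0;
    for (int i = 0; i < 7; i++) v = (v << 8) | in[i];
    for (int i = 0; i < 8; i++) {
        uint8_t seven = (uint8_t)((v >> (49 - 7 * i)) & 0x7f);
        out[i] = (uint8_t)(seven << 1);   /* parity bit cleared for now */
    }
    des_fix_key_parity(out);
}
```

Because the fix-up only rewrites bit 0 of each byte, a key that already has correct parity comes back unchanged, so it is safe to apply unconditionally before every setkey call.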

From owner-linux-crypto@nl.linux.org Thu Oct  4 23:04:19 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S17013AbRJDVEE>; Thu, 4 Oct 2001 23:04:04 +0200
Received: from mail2.uni-bielefeld.de ([129.70.4.90]:46078 "EHLO
	mail.uni-bielefeld.de") by humbolt.nl.linux.org with ESMTP
	id <S16616AbRJDVDr>; Thu, 4 Oct 2001 23:03:47 +0200
Received: from dirichlet.mathematik.uni-bielefeld.de
 (ppp36-410.hrz.uni-bielefeld.de [129.70.37.154])
 by mail.uni-bielefeld.de (Sun Internet Mail Server
 sims.4.0.2000.10.12.16.25.p8)
 with ESMTP id <0GKP00L2K96CBE@mail.uni-bielefeld.de> for
 linux-crypto@nl.linux.org; Thu,  4 Oct 2001 23:03:49 +0200 (MET DST)
Date:	Thu, 04 Oct 2001 23:05:27 +0200
From:	Marc Mutz <Marc.Mutz@uni-bielefeld.de>
Subject: Re: des-cbc
In-reply-to: <E15pEYu-0005ko-00@syjon.fantastyka.net>
To:	"Janusz A. Urbanowicz" <alex@bofh.torun.pl>,
	Marc Mutz <Marc.Mutz@uni-bielefeld.de>
Cc:	"William A.(Andy) Adamson" <andros@umich.edu>,
	linux-crypto@nl.linux.org
Message-id: <0GKP00L2L96CBE@mail.uni-bielefeld.de>
MIME-version: 1.0
X-Mailer: KMail [version 1.3.6]
Content-type: text/plain; charset=iso-8859-2
Content-transfer-encoding: 8BIT
X-KMail-Identity: Marc.Mutz@uni-bielefeld.de
References: <E15pEYu-0005ko-00@syjon.fantastyka.net>
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thursday 04 October 2001 21:53, Janusz A. Urbanowicz wrote:
<snip>
> > Is there really no other cipher option than DES? It's broken, you
> > know. FreeSWAN is deliberately excluding it, even though it's part
> > of the standard. I wouldn't support it in new projects.
>
> I wouldn't dare to call DES broken. It is the most researched
> algorithm we have, with the only weakness of key size (which is cured
> by using 3DES).
<snip>

Exactly. DES's functionality has been broken by EFF's DEScracker. It 
isn't secure anymore. It is broken. 3DES isn't though. But you were 
talking of DES.

Marc

- -- 
There is never as much lying as before an election, during a war and
after a hunt                                      -- Otto von Bismarck
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE7vM8X3oWD+L2/6DgRAvX6AKCTBehMfnb81+FY2WuA/ncgUU3MSgCgiGgE
c8RQG9Zy6ESAav3Mv7IGizo=
=X8K7
-----END PGP SIGNATURE-----



From owner-linux-crypto@nl.linux.org Fri Oct  5 05:08:12 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16430AbRJEDHz>; Fri, 5 Oct 2001 05:07:55 +0200
Received: from posti.saunalahti.fi ([195.197.53.226]:3726 "EHLO
	vasta.saunalahti.fi") by humbolt.nl.linux.org with ESMTP
	id <S16420AbRJEDHp>; Fri, 5 Oct 2001 05:07:45 +0200
Received: from simpukka.saunalahti.fi (kossuh@simpukka [195.74.0.20])
	by vasta.saunalahti.fi (8.10.1/8.10.1) with ESMTP id f9537nA27661
	for <linux-crypto@nl.linux.org>; Fri, 5 Oct 2001 06:07:49 +0300 (EEST)
Received: from localhost (kossuh@localhost) by simpukka.saunalahti.fi (8.8.5/8.8.3) with SMTP id GAA24668 for <linux-crypto@nl.linux.org>; Fri, 5 Oct 2001 06:07:50 +0300 (EET DST)
Date:	Fri, 5 Oct 2001 06:07:50 +0300 (EET DST)
From:	Antti =?ISO-8859-1?Q?Koskim=E4ki?= <kossuh@sci.fi>
X-Sender: kossuh@simpukka
To:	linux-crypto@nl.linux.org
Subject: encrypting the whole disk / all the data
In-Reply-To: <0GKP00FML5WSZN@mail.uni-bielefeld.de>
Message-ID: <Pine.SOL.3.96.1011005054356.23893A-100000@simpukka>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list


Simple question: How do I guarantee that not a single bit of my
essential data is written non-crypted on my Linux (laptop-)box ? 

Swap is trivial - it just has to be encrypted :) and Jari has provided
good-looking boot-scripts for that. Is loop-AES currently the only one
managing swap ?

Then root-filesystem.

If I want simply the root-filesystem encrypted, what are my options ?

Another solution that comes into my mind is mounting root etc. read-only. The
problem arises with logging, i.e. /var. If I need it encrypted it seems to
me that problem is quite analog to encrypting the whole root-filesystem.
On the other hand I could use RAM-disk to avoid boot-time problems but
then I have to use RAM-disk all the way, am I right ?

For performance reasons I would prefer the read-only-like solutions.

--
Antti Koskimaki



From owner-linux-crypto@nl.linux.org Fri Oct  5 17:10:24 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16663AbRJEPKM>; Fri, 5 Oct 2001 17:10:12 +0200
Received: from donkeykong.gpcc.itd.umich.edu ([141.211.2.163]:14033 "EHLO
	donkeykong.gpcc.itd.umich.edu") by humbolt.nl.linux.org with ESMTP
	id <S16668AbRJEPJw>; Fri, 5 Oct 2001 17:09:52 +0200
Received: from skywalker.citi.umich.edu (skywalker.citi.umich.edu [141.211.92.240])
        by donkeykong.gpcc.itd.umich.edu (8.8.8/4.3-mailhub) with ESMTP id LAA27620; Fri, 5 Oct 2001 11:09:41 -0400 (EDT)
Received: (from andros@localhost)
	by skywalker.citi.umich.edu (8.8.8/5.1-client) id LAA21238; Fri, 5 Oct 2001 11:09:41 -0400 (EDT)
Message-Id: <200110051509.LAA21238@skywalker.citi.umich.edu>
X-Mailer: exmh version 2.0.2 2/24/98
To:	Marc Mutz <Marc.Mutz@uni-bielefeld.de>
cc:	"William A.(Andy) Adamson" <andros@umich.edu>,
	linux-crypto@nl.linux.org
Subject: Re: des-cbc 
In-reply-to: Your message of "Thu, 04 Oct 2001 19:42:02 +0200."
             <0GKP00FMO5WVZN@mail.uni-bielefeld.de> 
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date:	Fri, 05 Oct 2001 11:09:41 -0400
From:	"William A.(Andy) Adamson" <andros@umich.edu>
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list


> On Thursday 04 October 2001 16:42, William A.(Andy) Adamson wrote:
> <snip>
> > i need kernel crypto - each rpcsec_gss packet that arrives at the
> > NFSv4 client or server has to calculate a packet verifier (whether
> > privacy or integrity are used or not).  for kerberos v5 which is the
> > first gss mechanism i'm implementing, the default method of
> > constructing and verifying the verifier is to first perform an md5
> > digest on the data, and then encrypt it using des in cbc mode.
> 
> Is there really no other cipher option than DES? It's broken, you know. 
> FreeSWAN is deliberately excluding it, even though it's part of the 
> standard. I wouldn't support it in new projects.

kerberos v5 still uses des as a default, so it must be implemented.


> > i note that there is a des-cbc cipher_implementation structure
> > declared in cipher-des.c, but i am unable to find the
> > des_cbc_encrypt/decrypt functions refered to by the structure.
> 
> IIRC, they're auto-generated. The cipher module just provides the 
> "encrypt a single block" function and a cpp-macro implements functions 
> that can encrypt data using different modes.

ok. i'll look for the auto-generated interface. thanks.


> > is because they are not yet implemented? is there any code i could
> > bleed on? i plan to pull down the mit_des_cbc_encrypt() function from
> > the mit kerberos 5 1.2.1 source ../lib/crypto/f_cbc.c which wraps
> > des_encrypt in the cbc mode just to get something working....
> <snip>
> 
> I don't know whether the DES implementation in the kerneli patch does 
> work or not. Maybe you should just test it. For loopback-encryption it 
> doesn't work, but that is due to the way it expects its key, which 
> losetup doesn't support.
> 
> Marc
> 
> - -- 
> Eternal vigilance is the price of liberty   -- Thomas Jefferson
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.6 (GNU/Linux)
> Comment: For info see http://www.gnupg.org
> 
> iD8DBQE7vJ9q3oWD+L2/6DgRAu9+AJ4hZoaVRr1+GkCLvobkOPXdd0x1/QCgsN/X
> rb+vXpjHYB3x3SZP1V9C3uU=
> =c31u
> -----END PGP SIGNATURE-----
> 
> 




From owner-linux-crypto@nl.linux.org Fri Oct  5 17:38:47 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16674AbRJEPie>; Fri, 5 Oct 2001 17:38:34 +0200
Received: from berzerk.gpcc.itd.umich.edu ([141.211.2.162]:41718 "EHLO
	berzerk.gpcc.itd.umich.edu") by humbolt.nl.linux.org with ESMTP
	id <S16696AbRJEPiM> convert rfc822-to-8bit; Fri, 5 Oct 2001 17:38:12 +0200
Received: from skywalker.citi.umich.edu (skywalker.citi.umich.edu [141.211.92.240])
        by berzerk.gpcc.itd.umich.edu (8.8.8/4.3-mailhub) with ESMTP id LAA24987; Fri, 5 Oct 2001 11:38:10 -0400 (EDT)
Received: (from andros@localhost)
	by skywalker.citi.umich.edu (8.8.8/5.1-client) id LAA21491; Fri, 5 Oct 2001 11:38:06 -0400 (EDT)
Message-Id: <200110051538.LAA21491@skywalker.citi.umich.edu>
X-Mailer: exmh version 2.0.2 2/24/98
To:	Gisle Sælensminde <gisle@ii.uib.no>
cc:	"William A.(Andy) Adamson" <andros@umich.edu>,
	linux-crypto@nl.linux.org
Subject: Re: des-cbc 
In-reply-to: Your message of "Thu, 04 Oct 2001 22:20:10 +0200."
             <Pine.SOL.4.40.0110042207180.4106-100000@apal.ii.uib.no> 
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8BIT
Date:	Fri, 05 Oct 2001 11:38:06 -0400
From:	"William A.(Andy) Adamson" <andros@umich.edu>
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

> On Thu, 4 Oct 2001, William A.(Andy) Adamson wrote:
> 
> > hello
> >
> > i just joined the list. i'm writing the RPCSEC_GSS code for the linux kernel
> > NFS v4 rpc layer. we have based our NFS v4 work on the linux 2.4.4 kernel.
> > i've applied the linux 2.4.3.1 patch and smoke tested the sha1 and md5
> > implementations.
> >
> > i need kernel crypto - each rpcsec_gss packet that arrives at the NFSv4 client
> > or server has to calculate a packet verifier (whether privacy or integrity are
> > used or not).  for kerberos v5 which is the first gss mechanism i'm
> > implementing, the default method of constructing and verifying the verifier is
> > to first perform an md5 digest on the data, and then encrypt it using des in
> > cbc mode.
> >
> > i note that there is a des-cbc cipher_implementation structure declared in
> > cipher-des.c, but i am unable to find the des_cbc_encrypt/decrypt functions
> > refered to by the structure.
> >
> > is because they are not yet implemented? is there any code i could bleed on? i
> > plan to pull down the mit_des_cbc_encrypt() function from the mit kerberos 5
> > 1.2.1 source ../lib/crypto/f_cbc.c which wraps des_encrypt in the cbc mode
> > just to get something working....
> >
> > any info would be helpful
> 
> I have some problems understanding what you try to do. Do you:
> 
> 1) Try to use the cryptoapi to do your task.
> or
> 2) Try to use lowlevel routines directly.

i'm using the cryptoapi from the 2.4.3.1 patch - looking up des-cbc using 
find_cipher_by_name() and following the example code in crypto/testing/speed.c 
cipher_correct() using cipher_implementation function pointers. in the des_cbc 
cipher_implementation struct, the INIT_CIPHER_OPS(des) gives function pointers 
to des_encrypt(), which i can find in cipher-des.c. 
INIT_CIPHER_BLOCKOPS(des_cbc) gives function pointers to des_cbc_encrypt() 
which i couldn't find anywhere. i want to look at the code in order to 
determine what if any pre-processing needs to be done to match kerberos v5. i 
now see that the des_cbc_encrypt and associated functions are generated by 
cpp, i can move forward.


> Alternative 2 is not possible with the current code, since the lowlevel
> encryption routines are static.
> 
> Also, you should know that the DES implementation in kerneli requires
> the parity bits of the key to be correctly set. The 3des cipher doesn't.
> It's possible to change the key schedule of DES to fix this problem,
> otherwise you must fix the parity bits yourself. The parity bits make
> no sense in software implementations (and in few HW implementations IMHO)

thanks for the info. is cryptoapi-2.4.10.diff (from kernel.org .../people/hvr) the best 2.4 kernel patch to be using?

-->Andy




From owner-linux-crypto@nl.linux.org Fri Oct  5 20:51:47 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16752AbRJESvc>; Fri, 5 Oct 2001 20:51:32 +0200
Received: from hank-fep7-0.inet.fi ([194.251.242.202]:52896 "EHLO
	fep07.tmt.tele.fi") by humbolt.nl.linux.org with ESMTP
	id <S16738AbRJESum>; Fri, 5 Oct 2001 20:50:42 +0200
Received: from pp.inet.fi ([212.213.41.16]) by fep07.tmt.tele.fi
          (InterMail vM.5.01.03.13 201-253-122-118-113-20010918) with ESMTP
          id <20011005185038.ZAET2632.fep07.tmt.tele.fi@pp.inet.fi>;
          Fri, 5 Oct 2001 21:50:38 +0300
Message-ID: <3BBE00CB.4C633288@pp.inet.fi>
Date:	Fri, 05 Oct 2001 21:49:47 +0300
From:	Jari Ruusu <jari.ruusu@pp.inet.fi>
X-Mailer: Mozilla 4.78 [en] (X11; U; Linux 2.2.19aa2 i686)
X-Accept-Language: en
MIME-Version: 1.0
To:	Antti =?iso-8859-1?Q?Koskim=E4ki?= <kossuh@sci.fi>
CC:	linux-crypto@nl.linux.org
Subject: Re: encrypting the whole disk / all the data
References: <Pine.SOL.3.96.1011005054356.23893A-100000@simpukka>
Content-Type: multipart/mixed;
 boundary="------------B0292B50A8650BB9D27E617F"
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

This is a multi-part message in MIME format.
--------------B0292B50A8650BB9D27E617F
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit

Antti Koskimäki wrote:
> Simple question: How do I guarantee that not a single bit of my
> essential data is written non-crypted on my Linux (laptop-)box ?
> 
> Swap is trivial - it just has to be encrypted :) and Jari has provided
> good-looking boot-scripts for that. Is loop-AES currently the only one
> managing swap ?
> 
> Then root-filesystem.
> 
> If I want simply the root-filesystem encrypted, what are my options ?
> 
> Another solution that comes into my mind is mounting root etc. read-only. The
> problem arises with logging, i.e. /var. If I need it encrypted it seems to
> me that problem is quite analog to encrypting the whole root-filesystem.
> On the other hand I could use RAM-disk to avoid boot-time problems but
> then I have to use RAM-disk all the way, am I right ?
> 
> For performance reasons I would prefer the read-only-like solutions.

Encrypting root partition requires a small unencrypted /boot partition.
Everything else (root, swap and other partitions) can be encrypted. Kernels
and tools required to boot kernels reside in the /boot partition.

To encrypt root partition, I have attached a shell script that builds a
small "initrd" ram-disk that works with 2.2 and 2.4 kernels. To use it, do
something like this:

1)  Backup all important data before experimenting.

2)  Recompile kernel. These are required: CONFIG_BLK_DEV_RAM=y
    CONFIG_BLK_DEV_RAM_SIZE=4096 CONFIG_BLK_DEV_INITRD=y CONFIG_MINIX_FS=y

        cd /usr/src/linux-2.4.10-ac4
        make distclean
        cp ../somewhere/.config .config
        make config
        make dep && make clean && make bzlilo
        make modules && make modules_install

3)  Compile loop-AES loop.o module

        cd ../loop-AES-v1.4e
        make LINUX_SOURCE=/usr/src/linux-2.4.10-ac4

4)  Copy kernel specific loop.o to /boot

        cp -p /lib/modules/2.4.10-ac4/block/loop.o /boot/loop-2.4.10-ac4.o

    Note: you need to have a kernel version specific loop.o module in /boot
    directory for every kernel you intend to use.

5)  Edit build-initrd.sh to match your setup. At least set BOOTDEV, BOOTTYPE
    and CRYPTROOT variables to correct values.

6)  Edit /etc/lilo.conf (or whatever) and set these: root=/dev/ram1
    initrd=/boot/initrd.gz

7)  Build a new /boot/initrd.gz and run lilo (or whatever)

        ./build-initrd.sh
        lilo

    Note: /boot/initrd.gz is supposed to be small (1.6 KB on my systems).
    All other utilities (loop-KERNELRELEASE.o module, insmod, losetup and
    possibly glibc) are copied to /boot directory. Glibc is not copied if
    both insmod and losetup are statically linked.

8)  Reboot system from rescue floppy / cdrom / other partition on your
    system, so that the partition you are about to encrypt is _not_ mounted.
    Note: you must use loop-AES' loop.o module and loop-AES modified losetup
    program for this.

        insmod loop
        losetup -e AES128 /dev/loop5 /dev/hda2
        dd if=/dev/hda2 of=/dev/loop5 bs=8192 conv=notrunc
        sync
        mount -t ext2 /dev/loop5 /mnt

9)  Edit root partition entry in /mnt/etc/fstab file. Replace old /dev/hda2
    with /dev/loop5 (or whatever you are using).

10) Clean up and reboot

        umount /mnt
        losetup -d /dev/loop5
        sync
        shutdown -r now

Regards,
Jari Ruusu <jari.ruusu@pp.inet.fi>
--------------B0292B50A8650BB9D27E617F
Content-Type: application/x-sh;
 name="build-initrd.sh"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
 filename="build-initrd.sh"

#!/bin/bash
#
#  build-initrd.sh
#
#  Written by Jari Ruusu, October 5 2001
#
#  Copyright 2001 by Jari Ruusu.
#  Redistribution of this file is permitted under the GNU Public License.
#
#
#  kernel .config :  CONFIG_BLK_DEV_RAM=y
#                    CONFIG_BLK_DEV_RAM_SIZE=4096
#                    CONFIG_BLK_DEV_INITRD=y
#                    CONFIG_MINIX_FS=y
#
#  /etc/lilo.conf :  root=/dev/ram1
#                    initrd=/boot/initrd.gz
#
#  usage :  ./build-initrd.sh
#           lilo
#           cp -p /lib/modules/`uname -r`/block/loop.o /boot/loop-`uname -r`.o
#

# normal /boot partition
BOOTDEV=/dev/hda1

# /boot partition type
BOOTTYPE=ext2

# encrypted root partition
CRYPTROOT=/dev/hda2

# encryption type (AES128 / AES192 / AES256) of root partition
CIPHERTYPE=AES128

# optional password seed for root partition
#PSEED="-S XXXXXX"

# encrypted root loop device index (0 ... 7), 5 == /dev/loop5
# _must_ match /etc/fstab entry:   /dev/loop5  /  ext2  defaults,xxxx  0  1
ROOTLOOPINDEX=5

# temporary loop device index used in this script, 7 == /dev/loop7
TEMPLOOPINDEX=7


set -e
cat - <<EOF >tmp-c-$$.c

#include <unistd.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <sys/mount.h>
#include <sys/utsname.h>
#include <sys/stat.h>
#include <fcntl.h>

void strCat(char *d, char *s)
{
    while(*d) d++;
    while(*s) *d++ = *s++;
    *d = 0;
}

void wrStr(char *s)
{
    char *p = s;
    int x = 0;

    while(*p) p++, x++;
    write(1, s, x);
}

int exeWait(char *p)
{
    int x, y;
    char *a[50], *e[1];

    if(!(x = fork())) {
        while(*p && (x < ((sizeof(a) / sizeof(char *)) - 1))) {  
            a[x++] = p;
            while(*p && (*p != ' ') && (*p != '\t')) p++;
            while((*p == ' ') || (*p == '\t')) *p++ = 0;
        }
        e[0] = a[x] = 0;
        if(x) execve(a[0], &a[0], &e[0]);
        _exit(1); 
    }
    waitpid(x, &y, 0);
    if(!WIFEXITED(y) || (WEXITSTATUS(y) != 0)) {
        wrStr("Command \""); wrStr(p); wrStr("\" returned error\n");
        return(1);
    }
    return(0);
}

void _start()
{
    int x;
    struct utsname un;
    char buf[300];

    if(mount("none", "/proc", "proc", MS_MGC_VAL, 0)) {
        wrStr("Mounting /proc failed\n");
        goto fail3;
    }
    /* this intentionally mounts the /boot partition as /lib */
    if(mount("${BOOTDEV}", "/lib", "${BOOTTYPE}", MS_MGC_VAL | MS_RDONLY, 0)) {
        wrStr("Mounting ${BOOTDEV} as /lib failed\n");
        goto fail2;
    }

    uname(&un);
    buf[0] = 0;
    strCat(buf, "/lib/insmod -o loop /lib/loop-");
    strCat(buf, &un.release[0]);
    strCat(buf, ".o");
    if(exeWait(buf)) goto fail1;

    wrStr("\nEncrypted file system, please supply correct password to continue\n\n");
    buf[0] = 0;
    strCat(buf, "/lib/losetup -e ${CIPHERTYPE} ${PSEED} /dev/loop${ROOTLOOPINDEX} ${CRYPTROOT}");
    if(exeWait(buf)) goto fail1;
    wrStr("\n");

    if((x = open("/proc/sys/kernel/real-root-dev", O_WRONLY, 0)) == -1) {
        wrStr("Unable to open real-root-dev\n");
        goto fail1;
    }
    write(x, "0x70${ROOTLOOPINDEX}\n", 6);
    close(x);

fail1:
    umount("/lib");
fail2:
    umount("/proc");
fail3:
    _exit(0);
}
EOF

gcc -Wall -O2 -s -static -nostartfiles -pipe tmp-c-$$.c -o tmp-c-$$
rm -f tmp-c-$$.[co]

x=`cat tmp-c-$$ | wc -c`
y=`expr ${x} + 1023`
x=`expr ${y} / 1024`
y=`expr ${x} + 12`

dd if=/dev/zero of=tmp-i-$$ bs=1024 count=${y}
losetup /dev/loop${TEMPLOOPINDEX} tmp-i-$$
mkfs -t minix -i 32 /dev/loop${TEMPLOOPINDEX}
losetup -d /dev/loop${TEMPLOOPINDEX}
mkdir tmp-d-$$
mount -t minix tmp-i-$$ tmp-d-$$ -o loop=/dev/loop${TEMPLOOPINDEX}
cd tmp-d-$$

mkdir dev proc lib
mv ../tmp-c-$$ linuxrc

mknod dev/console c 5 1
mknod dev/tty c 5 0
mknod dev/tty1 c 4 1
mknod dev/null c 1 3
mknod dev/zero c 1 5
mknod dev/ram1 b 1 1
mknod dev/loop${ROOTLOOPINDEX} b 7 ${ROOTLOOPINDEX}

function maybeMakeDiskNode
{
    x=$3
    for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 ; do
        for y in ${BOOTDEV} ${CRYPTROOT} ; do
            if [ ${y} == /dev/$1${i} ] ; then
                mknod dev/$1${i} b $2 ${x}
            fi
        done
        x=`expr ${x} + 1`
    done
    return
}
maybeMakeDiskNode hda 3 1
maybeMakeDiskNode hdb 3 65
maybeMakeDiskNode hdc 22 1
maybeMakeDiskNode hdd 22 65
maybeMakeDiskNode sda 8 1
maybeMakeDiskNode sdb 8 17
maybeMakeDiskNode sdc 8 33
maybeMakeDiskNode sdd 8 49

cd ..
df tmp-d-$$
umount tmp-d-$$
rmdir tmp-d-$$
sync ; sync ; sync
gzip -9 tmp-i-$$
mv tmp-i-$$.gz /boot/initrd.gz
ls -l /boot/initrd.gz

y=0
for x in /sbin/insmod /sbin/losetup ; do
    cp -p ${x} /boot
    set +e
    file ${x} | grep -q "statically linked"
    if [ ! $? == 0 ] ; then
        y=1
    fi
    set -e
done
if [ ${y} == 1 ] ; then
    cp -p /lib/ld-linux.so.2 /lib/libc.so.6 /boot
fi
if [ ! -d /initrd ] ; then
    mkdir /initrd
fi

sync
exit 0




Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

From owner-linux-crypto@nl.linux.org Fri Oct  5 21:06:42 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16759AbRJETGb>; Fri, 5 Oct 2001 21:06:31 +0200
Received: from mta7.pltn13.pbi.net ([64.164.98.8]:60557 "EHLO pltn13.pbi.net")
	by humbolt.nl.linux.org with ESMTP id <S16646AbRJETGI>;
	Fri, 5 Oct 2001 21:06:08 +0200
Disposition-notification-to: stuart@bh90210.net
Received: from w2kpro01 ([206.170.209.81])
 by mta7.pltn13.pbi.net (iPlanet Messaging Server 5.1 (built May  7 2001))
 with SMTP id <0GKQ00FTAYDR4T@mta7.pltn13.pbi.net> for
 linux-crypto@nl.linux.org; Fri, 05 Oct 2001 12:06:00 -0700 (PDT)
Date:	Fri, 05 Oct 2001 12:02:07 -0700
From:	"IT3 Stuart B. Tener, USNR-R" <stuart@bh90210.net>
Subject: RE: encrypting the whole disk / all the data
In-reply-to: <3BBE00CB.4C633288@pp.inet.fi>
To:	Jari Ruusu <jari.ruusu@pp.inet.fi>,
	Antti Koskimäki <kossuh@sci.fi>
Cc:	linux-crypto@nl.linux.org
Reply-to: stuart@bh90210.net
Message-id: <NBBBJHKIOKPKOGOEPEDPEECLDOAA.stuart@bh90210.net>
MIME-version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
Content-type: text/plain; charset=iso-8859-1
Content-transfer-encoding: 8BIT
Importance: Normal
X-Priority: 3 (Normal)
X-MSMail-priority: Normal
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

Mr. Ruusu:

	I am curious if you think it would be possible to modify lilo, in order to
allow for even the kernel to be encrypted for boot?

	As well, I think all of this is going to be moot soon, as ReiserFS (which I
personally use as my filesystem, even for root partitions), will have an
encryption API for it by SEP 2002. Thus, at some point, filesystem
encryption will be indigenous to the ReiserFS, and would only become
requisite of a developer writing an implementation of an algorithm following
their API structure.

	I would wonder how you would feel about modifying your code to work with
ReiserFS once the API is properly documented?


Very Respectfully,

Stuart Blake Tener, IT3, USNR-R, N3GWG
Beverly Hills, California
VTU 1904G (Volunteer Training Unit)
stuart@bh90210.net
west coast: (310)-358-0202 P.O. Box 16043, Beverly Hills, CA 90209-2043
east coast: (215)-338-6005 P.O. Box 45859, Philadelphia, PA 19149-5859

Telecopier: (419)-715-6073 fax to email gateway via www.efax.com (it's
free!)

JOIN THE US NAVY RESERVE, SERVE YOUR COUNTRY, AND BENEFIT FROM IT ALL.

Friday, October 05, 2001 11:51 AM

-----Original Message-----
From: owner-linux-crypto@nl.linux.org
[mailto:owner-linux-crypto@nl.linux.org]On Behalf Of Jari Ruusu
Sent: Friday, October 05, 2001 11:50 AM
To: Antti Koskimäki
Cc: linux-crypto@nl.linux.org
Subject: Re: encrypting the whole disk / all the data

Antti Koskimäki wrote:
> Simple question: How do I guarantee that not a single bit of my
> essential data is written non-crypted on my Linux (laptop-)box ?
>
> Swap is trivial - it just has to be encrypted :) and Jari has provided
> good-looking boot-scripts for that. Is loop-AES currently the only one
> managing swap ?
>
> Then root-filesystem.
>
> If I want simply the root-filesystem encrypted, what are my options ?
>
> Another solution that comes into my mind is mounting root etc. read-only.
> The problem arises with logging, i.e. /var. If I need it encrypted it seems
> to me that problem is quite analog to encrypting the whole root-filesystem.
> On the other hand I could use RAM-disk to avoid boot-time problems but
> then I have to use RAM-disk all the way, am I right ?
>
> For performance reasons I would prefer the read-only-like solutions.

Encrypting root partition requires a small unencrypted /boot partition.
Everything else (root, swap and other partitions) can be encrypted. Kernels
and tools required to boot kernels reside in the /boot partition.

To encrypt root partition, I have attached a shell script that builds a
small "initrd" ram-disk that works with 2.2 and 2.4 kernels. To use it, do
something like this:

1)  Backup all important data before experimenting.

2)  Recompile kernel. These are required: CONFIG_BLK_DEV_RAM=y
    CONFIG_BLK_DEV_RAM_SIZE=4096 CONFIG_BLK_DEV_INITRD=y CONFIG_MINIX_FS=y

        cd /usr/src/linux-2.4.10-ac4
        make distclean
        cp ../somewhere/.config .config
        make config
        make dep && make clean && make bzlilo
        make modules && make modules_install

3)  Compile loop-AES loop.o module

        cd ../loop-AES-v1.4e
        make LINUX_SOURCE=/usr/src/linux-2.4.10-ac4

4)  Copy kernel specific loop.o to /boot

        cp -p /lib/modules/2.4.10-ac4/block/loop.o /boot/loop-2.4.10-ac4.o

    Note: you need to have a kernel version specific loop.o module in /boot
    directory for every kernel you intend to use.

5)  Edit build-initrd.sh to match your setup. At least set BOOTDEV, BOOTTYPE
    and CRYPTROOT variables to correct values.

6)  Edit /etc/lilo.conf (or whatever) and set these: root=/dev/ram1
    initrd=/boot/initrd.gz

7)  Build a new /boot/initrd.gz and run lilo (or whatever)

        ./build-initrd.sh
        lilo

    Note: /boot/initrd.gz is supposed to be small (1.6 KB on my systems).
    All other utilities (loop-KERNELRELEASE.o module, insmod, losetup and
    possibly glibc) are copied to /boot directory. Glibc is not copied if
    both insmod and losetup are statically linked.

8)  Reboot system from rescue floppy / cdrom / other partition on your
    system, so that the partition you are about to encrypt is _not_ mounted.
    Note: you must use loop-AES' loop.o module and loop-AES modified losetup
    program for this.

        insmod loop
        losetup -e AES128 /dev/loop5 /dev/hda2
        dd if=/dev/hda2 of=/dev/loop5 bs=8192 conv=notrunc
        sync
        mount -t ext2 /dev/loop5 /mnt

9)  Edit root partition entry in /mnt/etc/fstab file. Replace old /dev/hda2
    with /dev/loop5 (or whatever you are using).

10) Clean up and reboot

        umount /mnt
        losetup -d /dev/loop5
        sync
        shutdown -r now

Regards,
Jari Ruusu <jari.ruusu@pp.inet.fi>
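As an added example (not part of Jari Ruusu's build-initrd.sh or of loop-AES), here are a few POSIX sh helpers for the checks a careful operator would want before running the procedure quoted above: the kernel options step 2 requires, the initrd size arithmetic from the script, step 7's "is glibc needed in /boot" rule, and step 9's fstab edit done on a copy rather than by hand. The function names, the script name in the usage line and the whitespace handling in the fstab rewrite are my own choices.

```shell
#!/bin/sh
# Added helper functions (not from build-initrd.sh or loop-AES) for the
# encrypted-root procedure above. Names and layout are my own choices.

# Kernel options the procedure requires (step 2), matched as exact lines.
REQUIRED_OPTS="CONFIG_BLK_DEV_RAM=y CONFIG_BLK_DEV_RAM_SIZE=4096 CONFIG_BLK_DEV_INITRD=y CONFIG_MINIX_FS=y"

# check_kernel_config FILE
# Return 0 if every required option is present in FILE (a kernel .config);
# otherwise name the missing ones on stderr and return 1.
check_kernel_config() {
    missing=0
    for opt in $REQUIRED_OPTS; do
        if ! grep -qx "$opt" "$1"; then
            echo "missing in $1: $opt" >&2
            missing=1
        fi
    done
    return $missing
}

# initrd_size_kb FILE
# Same arithmetic as build-initrd.sh: the linuxrc binary rounded up to
# whole KB, plus 12 KB of slack for the minix filesystem metadata.
initrd_size_kb() {
    bytes=$(wc -c < "$1")
    echo $(( (bytes + 1023) / 1024 + 12 ))
}

# static_tools_ok TOOL...
# Step 7's rule: glibc only has to be copied to /boot when one of the
# tools is dynamically linked. Return 0 when all are static, 1 otherwise.
static_tools_ok() {
    for tool in "$@"; do
        file "$tool" | grep -q "statically linked" || return 1
    done
    return 0
}

# fstab_use_loop_root FSTAB OLDDEV LOOPDEV
# Step 9: print FSTAB with the root entry's device replaced by LOOPDEV.
# Only the line whose device is OLDDEV and whose mount point is "/" is
# changed; awk re-joins that line with single spaces, which fstab accepts.
fstab_use_loop_root() {
    awk -v old="$2" -v new="$3" '$1 == old && $2 == "/" { $1 = new } { print }' "$1"
}

# Usage (hypothetical script name): sh check-root-crypt.sh /usr/src/linux/.config
if [ $# -gt 0 ]; then
    check_kernel_config "$1" && echo "kernel config: OK"
fi
```

Run the fstab rewrite against /mnt/etc/fstab with the output redirected to a new file, compare it with the original, and only then move it into place; it keeps the rest of the table untouched, so a typo in the device name fails visibly instead of leaving an unbootable root entry.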



From owner-linux-crypto@nl.linux.org Fri Oct  5 21:47:54 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16757AbRJETrl>; Fri, 5 Oct 2001 21:47:41 +0200
Received: from mail2.uni-bielefeld.de ([129.70.4.90]:3886 "EHLO
	mail.uni-bielefeld.de") by humbolt.nl.linux.org with ESMTP
	id <S16454AbRJETrX>; Fri, 5 Oct 2001 21:47:23 +0200
Received: from dirichlet.mathematik.uni-bielefeld.de
 (ppp36-483.hrz.uni-bielefeld.de [129.70.37.227])
 by mail.uni-bielefeld.de (Sun Internet Mail Server
 sims.4.0.2000.10.12.16.25.p8)
 with ESMTP id <0GKR00K900AYBS@mail.uni-bielefeld.de> for
 linux-crypto@nl.linux.org; Fri,  5 Oct 2001 21:47:25 +0200 (MET DST)
Date:	Fri, 05 Oct 2001 21:41:50 +0200
From:	Marc Mutz <Marc.Mutz@uni-bielefeld.de>
Subject: Re: encrypting the whole disk / all the data
In-reply-to: <Pine.SOL.3.96.1011005054356.23893A-100000@simpukka>
To:	Antti =?iso-8859-1?q?Koskim=E4ki?= <kossuh@sci.fi>,
	linux-crypto@nl.linux.org
Message-id: <0GKR00K910AZBS@mail.uni-bielefeld.de>
MIME-version: 1.0
X-Mailer: KMail [version 1.3.6]
Content-type: text/plain; charset=iso-8859-1
Content-transfer-encoding: 8BIT
X-KMail-Identity: Marc.Mutz@uni-bielefeld.de
References: <Pine.SOL.3.96.1011005054356.23893A-100000@simpukka>
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Friday 05 October 2001 05:07, Antti Koskimäki wrote:
> Simple question: How do I guarantee that not a single bit of my
> essential data is written non-crypted on my Linux (laptop-)box ?
<snip>

Encrypt the users' and root's homes, and swap, if used:
/home
/root
swap

If you spool sensitive data, encrypt /var, too.

> Then root-filesystem.

What for? Multiple GB's of almost-known plaintext encrypted under a 
single key just makes it easier for an attacker. You should only 
encrypt what's secret. Your /usr surely isn't!

Marc

- -- 
In July, [...] the FBI arrested a Russian computer security researcher
who had presented a paper on the strengths and weaknesses of software
used to protect electronic books. Dmitry Sklyarov [...] landed in jail
because the Digital Millennium Copyright Act (DMCA) makes publishing
critical research on this technology a more serious offense than
publishing nuclear weapon designs.
                               -- Bruce Schneier, Crypto-Gram Aug 2001
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE7vgz+3oWD+L2/6DgRAnlaAJ4tVONQArSzX3eTNEl8KvYyDTFZMACgwDoi
rmlUkPMM8EAF6BgxUc3PvCA=
=mvHE
-----END PGP SIGNATURE-----



From owner-linux-crypto@nl.linux.org Fri Oct  5 23:07:04 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16792AbRJEVGj>; Fri, 5 Oct 2001 23:06:39 +0200
Received: from storm.ca ([209.87.239.69]:37007 "EHLO mail.storm.ca")
	by humbolt.nl.linux.org with ESMTP id <S16786AbRJEVGU>;
	Fri, 5 Oct 2001 23:06:20 +0200
Received: from storm.ca (ppp-209-87-255-7.ottawa.storm.ca [209.87.255.7])
	by mail.storm.ca (8.10.2+Sun/8.10.2) with ESMTP id f95L6Hg24980
	for <linux-crypto@nl.linux.org>; Fri, 5 Oct 2001 17:06:18 -0400 (EDT)
Message-ID: <3BBE20FA.CE43488@storm.ca>
Date:	Fri, 05 Oct 2001 17:07:06 -0400
From:	Sandy Harris <sandy@storm.ca>
X-Mailer: Mozilla 4.76 [en] (Win98; U)
X-Accept-Language: en,fr
MIME-Version: 1.0
To:	linux-crypto@nl.linux.org
Subject: Re: des-cbc
References: <E15pEYu-0005ko-00@syjon.fantastyka.net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

"Janusz A. Urbanowicz" wrote:

> > Is there really no other cipher option than DES? It's broken, you know.
> > FreeSWAN is deliberately excluding it, even though it's part of the
> > standard. I wouldn't support it in new projects.
> 
> I wouldn't dare to call DES broken. It is the most researched algorithm we
> have, with the only weakness of key size (which is cured by using 3DES).

Single DES has been literally broken several times. If you don't want to call
it "broken", perhaps "weak", or "insecure" or "obsolete"?

There's a fairly detailed discussion in the FreeS/WAN documentation:
http://www.freeswan.org/freeswan_trees/freeswan-1.91/doc/politics.html#desnotsecure


From owner-linux-crypto@nl.linux.org Fri Oct  5 23:15:22 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16822AbRJEVPO>; Fri, 5 Oct 2001 23:15:14 +0200
Received: from anime.net ([63.172.78.150]:19719 "EHLO anime.net")
	by humbolt.nl.linux.org with ESMTP id <S16788AbRJEVPE>;
	Fri, 5 Oct 2001 23:15:04 +0200
Received: from localhost (goemon@localhost)
	by anime.net (8.9.3/8.9.3) with ESMTP id OAA27184;
	Fri, 5 Oct 2001 14:14:59 -0700
Date:	Fri, 5 Oct 2001 14:14:59 -0700 (PDT)
From:	Dan Hollis <goemon@anime.net>
To:	Sandy Harris <sandy@storm.ca>
cc:	<linux-crypto@nl.linux.org>
Subject: Re: des-cbc
In-Reply-To: <3BBE20FA.CE43488@storm.ca>
Message-ID: <Pine.LNX.4.30.0110051412020.26792-100000@anime.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

On Fri, 5 Oct 2001, Sandy Harris wrote:
> Single DES has been literally broken several times.

No it hasn't.

"broken" implies an exploit other than brute force is possible.

Single DES is only weak because of its keylength.

Brute force attacks work against ANY algorithm of short keylength.

DES certainly isn't any weaker than any other cypher of the same keylength.

-Dan
-- 
[-] Omae no subete no kichi wa ore no mono da. [-]



From owner-linux-crypto@nl.linux.org Sat Oct  6 02:02:06 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16836AbRJFABz>; Sat, 6 Oct 2001 02:01:55 +0200
Received: from mta7.pltn13.pbi.net ([64.164.98.8]:63975 "EHLO pltn13.pbi.net")
	by humbolt.nl.linux.org with ESMTP id <S16832AbRJFABi>;
	Sat, 6 Oct 2001 02:01:38 +0200
Disposition-notification-to: stuart@bh90210.net
Received: from w2kpro01 ([207.214.182.70])
 by mta7.pltn13.pbi.net (iPlanet Messaging Server 5.1 (built May  7 2001))
 with SMTP id <0GKR00DJTC2HV1@mta7.pltn13.pbi.net> for
 linux-crypto@nl.linux.org; Fri, 05 Oct 2001 17:01:31 -0700 (PDT)
Date:	Fri, 05 Oct 2001 16:57:44 -0700
From:	"IT3 Stuart B. Tener, USNR-R" <stuart@bh90210.net>
Subject: RE: des-cbc
In-reply-to: <Pine.LNX.4.30.0110051412020.26792-100000@anime.net>
To:	Dan Hollis <goemon@anime.net>, Sandy Harris <sandy@storm.ca>
Cc:	linux-crypto@nl.linux.org
Reply-to: stuart@bh90210.net
Message-id: <NBBBJHKIOKPKOGOEPEDPAEFJDOAA.stuart@bh90210.net>
MIME-version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
Content-type: text/plain; charset=us-ascii
Content-transfer-encoding: 7BIT
Importance: Normal
X-Priority: 3 (Normal)
X-MSMail-priority: Normal
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

Crypto list members:

	The very honest to g-d truth is not that DES is weak due to a short key
length, or even broken (which is a lie, it has never been cracked). Its key
length would not be considered short if we were all running 1MHz Z80s again.
Key length is a determining factor only when the technology of effectuating
a brute force attack in a short period of time has become a low cost choice.

	Everyone now is saying 3DES is strong, but will we consider it strong in 3
years? Even if the algorithm is never found to have been cracked? Of course
we will, by then we will all have 12GHz processors, and 3DES will seem the
same joke that DES is now.


Very Respectfully,

Stuart Blake Tener, IT3, USNR-R, N3GWG
Beverly Hills, California
VTU 1904G (Volunteer Training Unit)
stuart@bh90210.net
west coast: (310)-358-0202 P.O. Box 16043, Beverly Hills, CA 90209-2043
east coast: (215)-338-6005 P.O. Box 45859, Philadelphia, PA 19149-5859

Telecopier: (419)-715-6073 fax to email gateway via www.efax.com (it's
free!)

JOIN THE US NAVY RESERVE, SERVE YOUR COUNTRY, AND BENEFIT FROM IT ALL.

Friday, October 05, 2001 4:52 PM

-----Original Message-----
From: owner-linux-crypto@nl.linux.org
[mailto:owner-linux-crypto@nl.linux.org]On Behalf Of Dan Hollis
Sent: Friday, October 05, 2001 2:15 PM
To: Sandy Harris
Cc: linux-crypto@nl.linux.org
Subject: Re: des-cbc

On Fri, 5 Oct 2001, Sandy Harris wrote:
> Single DES has been literally broken several times.

No it hasn't.

"broken" implies an exploit other than brute force is possible.

Single DES is only weak because of its keylength.

Brute force attacks work against ANY algorithm of short keylength.

DES certainly isn't any weaker than any other cypher of the same keylength.

-Dan
--
[-] Omae no subete no kichi wa ore no mono da. [-]



From owner-linux-crypto@nl.linux.org Sat Oct  6 02:20:35 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16835AbRJFAUY>; Sat, 6 Oct 2001 02:20:24 +0200
Received: from spsystems.net ([209.47.149.227]:19209 "EHLO spsystems.net")
	by humbolt.nl.linux.org with ESMTP id <S16832AbRJFAUK>;
	Sat, 6 Oct 2001 02:20:10 +0200
Received: (from henry@localhost)
	by spsystems.net (8.9.3/8.9.3) id UAA28327;
	Fri, 5 Oct 2001 20:19:40 -0400 (EDT)
Date:	Fri, 5 Oct 2001 20:19:39 -0400 (EDT)
From:	Henry Spencer <henry@spsystems.net>
To:	"IT3 Stuart B. Tener, USNR-R" <stuart@bh90210.net>
cc:	Dan Hollis <goemon@anime.net>, Sandy Harris <sandy@storm.ca>,
	linux-crypto@nl.linux.org
Subject: RE: des-cbc
In-Reply-To: <NBBBJHKIOKPKOGOEPEDPAEFJDOAA.stuart@bh90210.net>
Message-ID: <Pine.BSI.3.91.1011005201140.28141B-100000@spsystems.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

On Fri, 5 Oct 2001, IT3 Stuart B. Tener, USNR-R wrote:
> Key length is a determining factor only when the technology of effectuating
> a brute force attack in a short period of time has become a low cost choice.

Correct.  Which is definitely true for single DES.  It may not be "broken"
in an abstract technical sense, but in a practical sense it's hopelessly
vulnerable and should not be used for anything that matters.  If it's
worth taking the trouble to encrypt your files, it's worth using a
stronger algorithm. 

> 	Everyone now is saying 3DES is strong, but will we consider it strong 
> in 3 years? Even if the algorithm is never found to have been cracked?

Yes.  Even assuming a (somewhat difficult) meet-in-the-middle attack,
3DES's strength against brute-force key search is 72057594037927936
times (that is, 2^56 times) the strength of 1DES.  That is not a factor
that a few years of computer evolution will overcome.  A century from now,
the question will need closer examination, but right now it is not a
realistic concern. 

> Of course
> we will, by then we will all have 12GHz processors, and 3DES will seem the
> same joke that DES is now.

No.  It will take much more than 12GHz to accomplish that.  The ability
to do arithmetic is useful in such discussions.

                                                          Henry Spencer
                                                       henry@spsystems.net



From owner-linux-crypto@nl.linux.org Sat Oct  6 02:20:50 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16842AbRJFAUf>; Sat, 6 Oct 2001 02:20:35 +0200
Received: from cx230813-a.alsv1.occa.home.com ([24.1.169.123]:62983 "EHLO
	rush.lo0.org") by humbolt.nl.linux.org with ESMTP id <S16829AbRJFAUZ>;
	Sat, 6 Oct 2001 02:20:25 +0200
Received: from localhost (localhost [127.0.0.1])
	by rush.lo0.org (Postfix) with ESMTP
	id 9F6F8AD; Fri,  5 Oct 2001 17:20:03 -0700 (PDT)
Date:	Fri, 5 Oct 2001 17:20:03 -0700 (PDT)
From:	beldridg@pobox.com
To:	"IT3 Stuart B. Tener, USNR-R" <stuart@bh90210.net>
Cc:	Dan Hollis <goemon@anime.net>, Sandy Harris <sandy@storm.ca>,
	<linux-crypto@nl.linux.org>
Subject: RE: des-cbc
In-Reply-To: <NBBBJHKIOKPKOGOEPEDPAEFJDOAA.stuart@bh90210.net>
Message-ID: <Pine.LNX.4.40.0110051709310.23919-100000@rush.lo0.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

On Fri, 5 Oct 2001, IT3 Stuart B. Tener, USNR-R wrote:

> 	Everyone now is saying 3DES is strong, but will we consider it
> strong in 3 years? Even if the algorithm is never found to have been
> cracked? Of course we will, by then we will all have 12GHz processors,
> and 3DES will seem the same joke that DES is now.

really?

3DES a joke in 3 years. i'll take you up on that.

read the report by matt blaze, etc. on how long key length must be to
protect info for a given number of years against brute force given the
increase in computing horsepower and given a specific budget:

http://www.crypto.com/papers/keylength.txt

here is a summary:

"Therefore, to provide adequate protection against the most serious
threats --- well-funded commercial enterprises or government intelligence
agencies --- keys used to protect data today should be at least 75 bits
long. To protect information adequately for the next 20 years in the face
of expected advances in computing power, keys in newly-deployed systems
should be at least 90 bits long."



- brett



From owner-linux-crypto@nl.linux.org Sat Oct  6 02:48:15 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16837AbRJFAsC>; Sat, 6 Oct 2001 02:48:02 +0200
Received: from alcove.wittsend.com ([130.205.0.10]:1453 "EHLO
	alcove.wittsend.com") by humbolt.nl.linux.org with ESMTP
	id <S16845AbRJFArp>; Sat, 6 Oct 2001 02:47:45 +0200
Received: (from mhw@localhost)
	by alcove.wittsend.com (8.9.3/8.9.3) id UAA20327;
	Fri, 5 Oct 2001 20:47:41 -0400
Date:	Fri, 5 Oct 2001 20:47:41 -0400
From:	"Michael H. Warfield" <mhw@wittsend.com>
To:	Sandy Harris <sandy@storm.ca>
Cc:	linux-crypto@nl.linux.org
Subject: Re: des-cbc
Message-ID: <20011005204741.A17588@alcove.wittsend.com>
Mail-Followup-To: Sandy Harris <sandy@storm.ca>, linux-crypto@nl.linux.org
References: <E15pEYu-0005ko-00@syjon.fantastyka.net> <3BBE20FA.CE43488@storm.ca>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <3BBE20FA.CE43488@storm.ca>
User-Agent: Mutt/1.3.20i
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

On Fri, Oct 05, 2001 at 05:07:06PM -0400, Sandy Harris wrote:
> "Janusz A. Urbanowicz" wrote:

> > > Is there really no other cipher option than DES? It's broken, you know.
> > > FreeSWAN is deliberately excluding it, even though it's part of the
> > > standard. I wouldn't support it in new projects.

> > I wouldn't dare to call DES broken. It is the most researched algorithm we
> > have, with the only weakness of key size (which is cured by using 3DES).

> Single DES has been literally broken several times. If you don't want to call
> it "broken", perhaps "weak", or "insecure" or "obsolete"?

	No.  None of the above.

	Simply "inadequate".  There may be things for which it is
"adequate", that I can not judge.  For what we want to do now, in
IPSec and securing data and transmissions and transactions, it simply
is not up to the task.  It has never been "broken", it simply is no longer
up to the tasks.  "Weak" implies an absolute measure of "strength" and,
in fact, the issue is relative.  It's strong compared to rot13 (which
Adobe used in Ebooks) but pitiful compared to AES or IDEA.  Calling it
insecure requires the definition of what framework.  I don't quite think
I will argue with obsolete, since I agree that better options exist
and I know of no real good reason to stick WITH DES, as long as you have
the choice, so I guess that implies obsolete.  But the bottom line is that
it is simply inadequate for what we want to use a crypto algorithm for.
But "inadequate" is a word that does not meet the requirements of the
"argument by label and declaration" crowd.

> There's a fairly detailed discussion in the FreeS/WAN documentation:
> http://www.freeswan.org/freeswan_trees/freeswan-1.91/doc/politics.html#desnotsecure

	FreeSwan issues are political, not technical.  Hence the continuing
ban on US contributions to the FreeSwan project to the continuing detriment
to their credibility.  (Sorry, Sandy, can't pass up a decent opportunity
for a "low blow".)

> Linux-crypto:  cryptography in and on the Linux system
> Archive:       http://mail.nl.linux.org/linux-crypto/

	Mike
-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw@WittsEnd.com
  (The Mad Wizard)      |  (678) 463-0932   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!



From owner-linux-crypto@nl.linux.org Sat Oct  6 02:58:25 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16848AbRJFA6L>; Sat, 6 Oct 2001 02:58:11 +0200
Received: from storm.ca ([209.87.239.69]:926 "EHLO mail.storm.ca")
	by humbolt.nl.linux.org with ESMTP id <S16829AbRJFA6D>;
	Sat, 6 Oct 2001 02:58:03 +0200
Received: from storm.ca (ppp-209-87-255-7.ottawa.storm.ca [209.87.255.7])
	by mail.storm.ca (8.10.2+Sun/8.10.2) with ESMTP id f960w1g19942
	for <linux-crypto@nl.linux.org>; Fri, 5 Oct 2001 20:58:01 -0400 (EDT)
Message-ID: <3BBE5747.7689F964@storm.ca>
Date:	Fri, 05 Oct 2001 20:58:47 -0400
From:	Sandy Harris <sandy@storm.ca>
X-Mailer: Mozilla 4.76 [en] (Win98; U)
X-Accept-Language: en,fr
MIME-Version: 1.0
To:	linux-crypto@nl.linux.org
Subject: Re: des-cbc
References: <NBBBJHKIOKPKOGOEPEDPAEFJDOAA.stuart@bh90210.net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

"IT3 Stuart B. Tener, USNR-R" wrote:
 
> Crypto list members:
> 
> The very honest to g-d truth is not that DES is weak due to a short key length,

Nonsense. Inadequate key size is the only known practical problem with DES.
Differential and linear cryptanalysis both break it faster than brute force
in theory, but neither is a practical attack.

The DES keylength was arguably too short when it was designed. Diffie and
Hellman published a paper in 1977 showing that a keysearch machine that
would break DES in about 9 hours could be built for $20 million.

> or even broken (which is a lie, it has never been cracked).

Sure it has:
http://www.eff.org/descracker.html
http://www.distributed.net/pressroom/DESII-1-PR.html

The EFF machine was essentially the same design as Diffie and Hellman's,
cost $200-odd thousand, and broke DES in 57 hours.

> Its key
> length would not be considered short if we were all running 1MHz Z80s again.
> Key length is a determining factor only when the technology of effectuating
> a brute force attack in a short period of time has become a low cost choice.
> 
>         Everyone now is saying 3DES is strong, but will we consider it strong in 3
> years? Even if the algorithm is never found to have been cracked? Of course
> we will, by then we will all have 12GHz processors, and 3DES will seem the
> same joke that DES is now.

You don't appear to understand the math. For one explanation, see:
http://www.freeswan.org/freeswan_trees/freeswan-1.91/doc/glossary.html#brute

Going from 1 MHz to 12 GHz is a factor of 12,000. 14 extra key bits make
a cipher 2^14, about 16,000, times harder to brute force. At least against
brute force keysearch, 3DES is strong enough.

A meet-in-the-middle attack breaks 3DES in 2^112 encryptions, but that is
almost certainly large enough to be safe. Also, the attack requires some
absurd amount of memory.
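The arithmetic behind the two posts above (Henry Spencer's 2^56 factor and Sandy Harris's "1 MHz to 12 GHz is under 14 bits" comparison), carried through as an added example that is not part of the thread. The only data points it uses are the ones quoted on the list: the EFF machine's 57 hours for one 56-bit key, the 2^112 cost of a meet-in-the-middle attack on 3DES, and the 1 MHz / 12 GHz clock speeds. Treating the EFF run as a full keyspace sweep and measuring speedups by clock rate alone are simplifying assumptions of mine; real budget-driven estimates are what the Blaze et al. report cited earlier in the thread does.

```python
"""Brute-force cost arithmetic for the 1DES vs 3DES discussion.

Added example, not from the list thread. Assumptions: the EFF "Deep Crack"
figure (57 hours for a 56-bit key, as quoted by Sandy Harris) is treated as
a full-keyspace sweep, and hardware progress is measured by clock rate only.
"""
import math

HOURS = 3600.0
YEAR_SECONDS = 365.25 * 24 * HOURS


def keyspace(key_bits: int) -> int:
    """Number of candidate keys for a key_bits-bit cipher, i.e. 2**key_bits."""
    return 1 << key_bits


def strength_ratio(bits_a: int, bits_b: int) -> int:
    """How many times more work exhausting bits_a keys needs than bits_b keys.

    Henry Spencer's figure: strength_ratio(112, 56) == 2**56.
    """
    return keyspace(bits_a) // keyspace(bits_b)


def speedup_in_bits(speedup: float) -> float:
    """Key bits a hardware speedup factor cancels out: log2(speedup).

    1 MHz -> 12 GHz is a factor of 12,000, which is less than 14 bits.
    """
    return math.log2(speedup)


def keys_per_second(key_bits: int, seconds_for_full_search: float) -> float:
    """Search rate implied by sweeping a key_bits keyspace in the given time."""
    return keyspace(key_bits) / seconds_for_full_search


def expected_search_years(key_bits: int, rate_keys_per_second: float) -> float:
    """Expected time to find one key: on average half the keyspace is tried."""
    return keyspace(key_bits) / 2 / rate_keys_per_second / YEAR_SECONDS


def des_vs_3des_report() -> dict:
    """Project the Deep Crack search rate onto 1DES and 3DES (meet-in-the-middle)."""
    rate = keys_per_second(56, 57 * HOURS)  # assumption: 57 h = full sweep
    return {
        "deep_crack_keys_per_sec": rate,
        "des_expected_years": expected_search_years(56, rate),
        "3des_mitm_expected_years": expected_search_years(112, rate),
        "12ghz_over_1mhz_in_bits": speedup_in_bits(12_000),
        "14_bits_factor": 1 << 14,
        "3des_over_des": strength_ratio(112, 56),
    }


if __name__ == "__main__":
    for name, value in des_vs_3des_report().items():
        if isinstance(value, float):
            print(f"{name}: {value:,.6g}")
        else:
            print(f"{name}: {value:,}")
```

The report makes the two arguments concrete: at the Deep Crack rate a 56-bit key falls in about a day on average, while the 2^112 meet-in-the-middle attack on 3DES at the same rate is on the order of 10^14 years, and a 12,000-fold clock speedup buys an attacker under 14 bits of that 56-bit gap. Which is why key-length planning is done in bits against a budget, not in gigahertz.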


From owner-linux-crypto@nl.linux.org Sat Oct  6 03:11:45 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16849AbRJFBLi>; Sat, 6 Oct 2001 03:11:38 +0200
Received: from anime.net ([63.172.78.150]:17171 "EHLO anime.net")
	by humbolt.nl.linux.org with ESMTP id <S16829AbRJFBLV>;
	Sat, 6 Oct 2001 03:11:21 +0200
Received: from localhost (goemon@localhost)
	by anime.net (8.9.3/8.9.3) with ESMTP id SAA31033;
	Fri, 5 Oct 2001 18:11:17 -0700
Date:	Fri, 5 Oct 2001 18:11:17 -0700 (PDT)
From:	Dan Hollis <goemon@anime.net>
To:	Sandy Harris <sandy@storm.ca>
cc:	<linux-crypto@nl.linux.org>
Subject: Re: des-cbc
In-Reply-To: <3BBE5747.7689F964@storm.ca>
Message-ID: <Pine.LNX.4.30.0110051809110.30992-100000@anime.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

On Fri, 5 Oct 2001, Sandy Harris wrote:
> > or even broken (which is a lie, it has never been cracked).
> Sure it has:
> http://www.eff.org/descracker.html
> http://www.distributed.net/pressroom/DESII-1-PR.html

Quit playing stupid word games.

DES has been bruteforced, which is the case for ANY ALGORITHM OF SHORT KEY
LENGTH.

DES algorithm has never been CRACKED. Unlike some other algorithms...

Give it up. Bruteforcing is NOT cracking.

-Dan
-- 
[-] Omae no subete no kichi wa ore no mono da. [-]



From owner-linux-crypto@nl.linux.org Sat Oct  6 08:29:07 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16127AbRJFG2u>; Sat, 6 Oct 2001 08:28:50 +0200
Received: from pluto.runbox.com ([193.71.199.39]:3082 "EHLO pluto.runbox.com")
	by humbolt.nl.linux.org with ESMTP id <S16089AbRJFG2a>;
	Sat, 6 Oct 2001 08:28:30 +0200
Received: from [32.103.46.216] (helo=room101.2y.net)
	by pluto.runbox.com with esmtp (Exim 3.16 #2)
	id 15pkwT-0000lo-00
	for linux-crypto@nl.linux.org; Sat, 06 Oct 2001 08:28:10 +0200
Received: by room101.2y.net (Postfix, from userid 1000)
	id C0D77138C; Sat,  6 Oct 2001 01:30:45 -0500 (CDT)
Date:	Sat, 6 Oct 2001 01:30:45 -0500
From:	Rob McGee <rob0@runbox.com>
To:	linux-crypto@nl.linux.org
Subject: Re: encrypting the whole disk / all the data
Message-ID: <20011006013045.J2095@hal>
References: <Pine.SOL.3.96.1011005054356.23893A-100000@simpukka> <0GKR00K910AZBS@mail.uni-bielefeld.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <0GKR00K910AZBS@mail.uni-bielefeld.de>; from Marc.Mutz@uni-bielefeld.de on Fri, Oct 05, 2001 at 09:41:50PM +0200
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

On Fri, Oct 05, 2001 at 09:41:50PM +0200, Marc Mutz wrote:
> > Simple question: How do I guarantee that not a single bit of my
> > essential data is written non-crypted on my Linux (laptop-)box ?
> <snip>
> > Then root-filesystem.
> 
> What for? Multiple GB's of almost-known plaintext encrypted under a 
> single key just makes it easier for an attacker. You should only 
> encrypt what's secret. Your /usr surely isn't!

That is a good point, but not the only way of looking at it. My thoughts
in wanting to encrypt the root filesystem are that an attacker would
have to spend a lot of energy to get at useless data.

I figure that the TLAs have taken multiple GBs of fully-known
plaintext, and they have done a lot of research looking for ways to
crack all the known algorithms. If that hasn't taught them how to do it,
my /usr isn't going to help them. Or if it *has* worked and they know
how to break my algorithm, they'll get my data anyway, and I might as
well hide my needles[1] in a bigger haystack.

    Rob - /dev/rob0

[1] No, there are no needles. :) For those of you who are not native
English speakers, that is a common idiom to describe a difficult search.


From owner-linux-crypto@nl.linux.org Sat Oct  6 08:44:35 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16302AbRJFGoT>; Sat, 6 Oct 2001 08:44:19 +0200
Received: from mta5.snfc21.pbi.net ([206.13.28.241]:35975 "EHLO snfc21.pbi.net")
	by humbolt.nl.linux.org with ESMTP id <S16008AbRJFGny>;
	Sat, 6 Oct 2001 08:43:54 +0200
Disposition-notification-to: stuart@bh90210.net
Received: from w2kpro01 ([206.170.209.113])
 by mta5.snfc21.pbi.net (iPlanet Messaging Server 5.1 (built May  7 2001))
 with SMTP id <0GKR00GF0UOW9L@mta5.snfc21.pbi.net> for
 linux-crypto@nl.linux.org; Fri, 05 Oct 2001 23:43:49 -0700 (PDT)
Date:	Fri, 05 Oct 2001 23:39:58 -0700
From:	"IT3 Stuart B. Tener, USNR-R" <stuart@bh90210.net>
Subject: RE: des-cbc
In-reply-to: <3BBE5747.7689F964@storm.ca>
To:	Sandy Harris <sandy@storm.ca>, linux-crypto@nl.linux.org
Reply-to: stuart@bh90210.net
Message-id: <NBBBJHKIOKPKOGOEPEDPEEFKDOAA.stuart@bh90210.net>
MIME-version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
Content-type: text/plain; charset=US-ASCII
Content-transfer-encoding: 7BIT
Importance: Normal
X-Priority: 3 (Normal)
X-MSMail-priority: Normal
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

Mr. Harris:

	First off, I'll thank you to quote me in my entirety if you plan to do
that; otherwise, don't quote me at all. You simply left off the pertinent
parts of my initial a