From linux-crypto-bounce@nl.linux.org Mon Dec 3 15:16:59 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:19421 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Mon, 3 Dec 2001 15:16:47 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Mon, 03 Dec 2001 15:16:01 +0100 (CET) Received: from cm.med.3284844210.kabelnet.net ([IPv6:::ffff:195.202.190.178]:60173 "EHLO phobos.hvrlab.org") by humbolt.nl.linux.org with ESMTP id ; Mon, 3 Dec 2001 15:15:40 +0100 Received: from janus.txd.hvrlab.org (IDENT:1iH/wy1A5rVHiDRUDbsVnvDv3bKTq6hZ@janus.txd.hvrlab.org [10.51.1.5]) by phobos.hvrlab.org (8.11.6/8.11.6) with ESMTP id fB3EF5d02368 for ; Mon, 3 Dec 2001 15:15:06 +0100 Subject: [Fwd: RFC(ry): breaking loop.c's IV calculation] From: Herbert Valerio Riedel To: linux-crypto@nl.linux.org Content-Type: text/plain Content-Transfer-Encoding: 7bit X-Mailer: Evolution/0.99.2 (Preview Release) Date: 03 Dec 2001 15:15:05 +0100 Message-Id: <1007388906.1531.39.camel@janus.txd.hvrlab.org> Mime-Version: 1.0 X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: hvr@hvrlab.org Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org fyi -----Forwarded Message----- From: Herbert Valerio Riedel To: Andrea Arcangeli Cc: Jari Ruusu , axboe@suse.de, marcelo@conectiva.com.br, linux-kernel@vger.kernel.org Subject: RFC(ry): breaking loop.c's IV calculation Date: 03 Dec 2001 15:12:42 +0100 On Sun, 2001-12-02 at 23:46, Andrea Arcangeli wrote: > > >> ps: any chance to get a sector-based-IV calculation (instead of the > > >> actual broken soft blocksize based one) into loop.c?!? > > > I can extract all loop.c bug fixes from loop-AES, excluding AES cipher, if > > > someone wants them. Well, I can include AES cipher too, but that would > > > royally piss-off the cryptoapi people. > > ..maybe :-)) > > > > > Does anyone want the bug fixes? Jens? Marcelo? > > I hope jens & andrea still remember the motivation this IV thing... :-) > Of course I remeber. I still vote for breaking the IV API and to avoid > the compatibility cruft. Please post to l-k the patch to change the IV > granularity from the softblocksize to 512 fixed describing our > discussion, so if anybody really cares about the current IV API he will > have a chance to complain before we post the patch for inclusion to > Marcelo and Linus. > > btw, I don't care, whether my backward-compatible (or > > 'toothpaste-back-into-tube'-approach as jari > > would call it ;) patch gets approved or whether a radical switch to sector > > based IV calculation as jari proposes gets accepted... > > > > we just need a consistent IV metric, regardless of the underlying medium > > (/dev/cdrom,/dev/fd0,/dev/hda,...) or any involved layers (lvm, md, ...) > > Indeed. well, I've put one patch together (it still needs (constructive) auditing though! jari?) here it is (it's against 2.4.16's loop.[ch]) (also available as /pub/linux/kernel/people/hvr/loop2-iv-2.4.16.patch) Index: drivers/block/loop.c =================================================================== RCS file: /cvs/linux-2.4-xfs/linux/drivers/block/loop.c,v retrieving revision 1.43 diff -u -r1.43 loop.c --- drivers/block/loop.c 2001/11/20 18:59:02 1.43 +++ drivers/block/loop.c 2001/12/03 15:03:36 @@ -85,7 +85,7 @@ * Transfer functions */ static int transfer_none(struct loop_device *lo, int cmd, char *raw_buf, - char *loop_buf, int size, int real_block) + char *loop_buf, int size, loop_iv_t IV) { if (raw_buf != loop_buf) { if (cmd == READ) @@ -98,7 +98,7 @@ } static int transfer_xor(struct loop_device *lo, int cmd, char *raw_buf, - char *loop_buf, int size, int real_block) + char *loop_buf, int size, loop_iv_t IV) { char *in, *out, *key; int i, keysize; @@ -186,7 +186,7 @@ len = bh->b_size; data = bh->b_data; while (len > 0) { - int IV = index * (PAGE_CACHE_SIZE/bsize) + offset/bsize; + const loop_iv_t IV = (index << (PAGE_CACHE_SHIFT - LOOP_IV_SECTOR_BITS)) + (offset >> LOOP_IV_SECTOR_BITS); int transfer_result; size = PAGE_CACHE_SIZE - offset; @@ -244,7 +244,7 @@ unsigned long count = desc->count; struct lo_read_data *p = (struct lo_read_data*)desc->buf; struct loop_device *lo = p->lo; - int IV = page->index * (PAGE_CACHE_SIZE/p->bsize) + offset/p->bsize; + const loop_iv_t IV = (page->index << (PAGE_CACHE_SHIFT - LOOP_IV_SECTOR_BITS)) + (offset >> LOOP_IV_SECTOR_BITS); if (size > count) size = count; @@ -296,20 +296,6 @@ return bs; } -static inline unsigned long loop_get_iv(struct loop_device *lo, - unsigned long sector) -{ - int bs = loop_get_bs(lo); - unsigned long offset, IV; - - IV = sector / (bs >> 9) + lo->lo_offset / bs; - offset = ((sector % (bs >> 9)) << 9) + lo->lo_offset % bs; - if (offset >= bs) - IV++; - - return IV; -} - static int do_bh_filebacked(struct loop_device *lo, struct buffer_head *bh, int rw) { loff_t pos; @@ -455,7 +441,7 @@ { struct buffer_head *bh = NULL; struct loop_device *lo; - unsigned long IV; + loop_iv_t IV; if (!buffer_locked(rbh)) BUG(); @@ -502,7 +488,7 @@ * piggy old buffer on original, and submit for I/O */ bh = loop_get_buffer(lo, rbh); - IV = loop_get_iv(lo, rbh->b_rsector); + IV = rbh->b_rsector + (lo->lo_offset >> LOOP_IV_SECTOR_BITS); if (rw == WRITE) { set_bit(BH_Dirty, &bh->b_state); if (lo_do_transfer(lo, WRITE, bh->b_data, rbh->b_data, @@ -539,7 +525,7 @@ bh->b_end_io(bh, !ret); } else { struct buffer_head *rbh = bh->b_private; - unsigned long IV = loop_get_iv(lo, rbh->b_rsector); + const loop_iv_t IV = rbh->b_rsector + (lo->lo_offset >> LOOP_IV_SECTOR_BITS); ret = lo_do_transfer(lo, READ, bh->b_data, rbh->b_data, bh->b_size, IV); Index: include/linux/loop.h =================================================================== RCS file: /cvs/linux-2.4-xfs/linux/include/linux/loop.h,v retrieving revision 1.5 diff -u -r1.5 loop.h --- include/linux/loop.h 2001/09/21 16:28:50 1.5 +++ include/linux/loop.h 2001/12/03 15:03:36 @@ -17,6 +17,12 @@ #ifdef __KERNEL__ +/* definitions for IV metric */ +#define LOOP_IV_SECTOR_BITS 9 +#define LOOP_IV_SECTOR_SIZE (1 << LO_IV_SECTOR_BITS) + +typedef unsigned long loop_iv_t; + /* Possible states of device */ enum { Lo_unbound, @@ -24,6 +30,12 @@ Lo_rundown, }; +struct loop_device; + +typedef int (* transfer_proc_t)(struct loop_device *, int cmd, + char *raw_buf, char *loop_buf, int size, + loop_iv_t IV); + struct loop_device { int lo_number; int lo_refcnt; @@ -32,9 +44,7 @@ int lo_encrypt_type; int lo_encrypt_key_size; int lo_flags; - int (*transfer)(struct loop_device *, int cmd, - char *raw_buf, char *loop_buf, int size, - int real_block); + transfer_proc_t transfer; char lo_name[LO_NAME_SIZE]; char lo_encrypt_key[LO_KEY_SIZE]; __u32 lo_init[2]; @@ -58,17 +68,13 @@ atomic_t lo_pending; }; -typedef int (* transfer_proc_t)(struct loop_device *, int cmd, - char *raw_buf, char *loop_buf, int size, - int real_block); - static inline int lo_do_transfer(struct loop_device *lo, int cmd, char *rbuf, - char *lbuf, int size, int rblock) + char *lbuf, int size, loop_iv_t IV) { if (!lo->transfer) return 0; - return lo->transfer(lo, cmd, rbuf, lbuf, size, rblock); + return lo->transfer(lo, cmd, rbuf, lbuf, size, IV); } #endif /* __KERNEL__ */ @@ -122,6 +128,8 @@ #define LO_CRYPT_IDEA 6 #define LO_CRYPT_DUMMY 9 #define LO_CRYPT_SKIPJACK 10 +#define LO_CRYPT_AES 16 /* loop-AES */ +#define LO_CRYPT_CRYPTOAPI 18 /* international crypto patch */ #define MAX_LO_CRYPT 20 #ifdef __KERNEL__ @@ -129,7 +137,7 @@ struct loop_func_table { int number; /* filter type */ int (*transfer)(struct loop_device *lo, int cmd, char *raw_buf, - char *loop_buf, int size, int real_block); + char *loop_buf, int size, loop_iv_t IV); int (*init)(struct loop_device *, struct loop_info *); /* release is called from loop_unregister_transfer or clr_fd */ int (*release)(struct loop_device *); -- Herbert Valerio Riedel / Phone: (EUROPE) +43-1-58801-18840 Email: hvr@hvrlab.org / Finger hvr@gnu.org for GnuPG Public Key GnuPG Key Fingerprint: 7BB9 2D6C D485 CE64 4748 5F65 4981 E064 883F 4142 - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Tue Dec 4 10:10:45 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:12741 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Tue, 4 Dec 2001 10:10:32 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Tue, 04 Dec 2001 10:09:38 +0100 (CET) Received: from sfgmsw01.roverfin.com ([IPv6:::ffff:194.42.242.73]:49412 "EHLO sfgmsw01.bmwfin.com") by humbolt.nl.linux.org with ESMTP id ; Tue, 4 Dec 2001 10:09:21 +0100 Received: from exchangesrv.bmwfin.com (unverified) by sfgmsw01.bmwfin.com (Content Technologies SMTPRS 4.1.5) with ESMTP id for ; Tue, 4 Dec 2001 09:01:38 +0000 Received: by EXCHANGESRV with Internet Mail Service (5.5.2653.19) id ; Tue, 4 Dec 2001 09:06:07 -0000 Message-ID: <3D6DE68CE505D311B2540020482D025307A031AD@EXCHANGESRV> From: Stephen.Thompson@bmwfin.com To: linux-crypto@nl.linux.org Subject: CryptoApi and kernel 2.4.14 Date: Tue, 4 Dec 2001 09:06:05 -0000 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: Stephen.Thompson@bmwfin.com Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org Hello All, I am trying to compile the API on a 2.4.14 machine. The loop.c has been patched to make it load correctly. Now when I try to compile the API I get the following: ferengi:/usr/src/cryptoapi-2.4.7.0# make Making all in api make[1]: Entering directory `/usr/src/cryptoapi-2.4.7.0/api' gcc -I../include -D__KERNEL__ -DMODULE -DUSE_LO_IV_MODE_SECTOR -I/usr/src/linux-2.4.14/include -Wall -Wstrict-prototypes -Wno-trigraphs -O2 -fomit-frame-pointer -fno-strict-aliasing -fno-common -pipe -mpreferred-stack-boundary=2 -march=i686 -malign-functions=4 -DMODVERSIONS -include /usr/src/linux-2.4.14/include/linux/modversions.h -o cryptoapi.o -c cryptoapi.c cryptoapi.c:466: parse error before `this_object_must_be_defined_as_export_objs_in_the_Makefile' cryptoapi.c:466: warning: type defaults to `int' in declaration of `this_object_must_be_defined_as_export_objs_in_the_Makefile' cryptoapi.c:466: warning: data definition has no type or storage class cryptoapi.c:467: parse error before `this_object_must_be_defined_as_export_objs_in_the_Makefile' cryptoapi.c:467: warning: type defaults to `int' in declaration of `this_object_must_be_defined_as_export_objs_in_the_Makefile' cryptoapi.c:467: warning: data definition has no type or storage class cryptoapi.c:468: parse error before `this_object_must_be_defined_as_export_objs_in_the_Makefile' cryptoapi.c:468: warning: type defaults to `int' in declaration of `this_object_must_be_defined_as_export_objs_in_the_Makefile' cryptoapi.c:468: warning: data definition has no type or storage class cryptoapi.c:469: parse error before `this_object_must_be_defined_as_export_objs_in_the_Makefile' cryptoapi.c:469: warning: type defaults to `int' in declaration of `this_object_must_be_defined_as_export_objs_in_the_Makefile' cryptoapi.c:469: warning: data definition has no type or storage class cryptoapi.c:470: parse error before `this_object_must_be_defined_as_export_objs_in_the_Makefile' cryptoapi.c:470: warning: type defaults to `int' in declaration of `this_object_must_be_defined_as_export_objs_in_the_Makefile' cryptoapi.c:470: warning: data definition has no type or storage class cryptoapi.c:471: parse error before `this_object_must_be_defined_as_export_objs_in_the_Makefile' cryptoapi.c:471: warning: type defaults to `int' in declaration of `this_object_must_be_defined_as_export_objs_in_the_Makefile' cryptoapi.c:471: warning: data definition has no type or storage class cryptoapi.c:472: parse error before `this_object_must_be_defined_as_export_objs_in_the_Makefile' cryptoapi.c:472: warning: type defaults to `int' in declaration of `this_object_must_be_defined_as_export_objs_in_the_Makefile' cryptoapi.c:472: warning: data definition has no type or storage class make[1]: *** [cryptoapi.o] Error 1 make[1]: Leaving directory `/usr/src/cryptoapi-2.4.7.0/api' make: *** [all-recursive] Error 1 If I need to get a patch, could someone point me to where? Thanks. Stephen. ------------------------------------------------------------------------------------------- Copyright material and/or confidential and/or privileged information may be contained in this e-mail and any attached documents. The material and information is intended for the use of the intended addressee only. If you are not the intended addressee, or the person responsible for delivering it to the intended addressee, you may not copy, disclose, distribute, disseminate or deliver it to anyone else or use it in any unauthorised manner or take or omit to take any action in reliance on it. To do so is prohibited and may be unlawful. The views expressed in this e-mail may not be official policy but the personal views of the originator. If you receive this e-mail in error, please advise the sender immediately by using the reply facility in your e-mail software, or contact postmaster@bmwfin.com. Please also delete this e-mail and all documents attached immediately. Many thanks for your co-operation. BMW Financial Services (GB) Limited is registered in England and Wales under company number 01288537. Registered Offices : Europa House, Bartley Way, Hook, Hants, RG27 9UF ------------------------------------------------------------------------------------------ - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Tue Dec 4 16:19:29 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:39646 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Tue, 4 Dec 2001 16:19:16 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Tue, 04 Dec 2001 16:18:52 +0100 (CET) Received: from [IPv6:::ffff:194.46.8.33] ([IPv6:::ffff:194.46.8.33]:47626 "EHLO angusbay.vnl.com") by humbolt.nl.linux.org with ESMTP id ; Tue, 4 Dec 2001 16:18:45 +0100 Received: from amon by angusbay.vnl.com with local (Exim 3.22 #1) id 16BHNg-0007QT-00 (Debian); Tue, 04 Dec 2001 15:21:12 +0000 Date: Tue, 4 Dec 2001 15:21:12 +0000 From: Dale Amon To: Stephen.Thompson@bmwfin.com Cc: linux-crypto@nl.linux.org Subject: Re: CryptoApi and kernel 2.4.14 Message-ID: <20011204152112.A27184@vnl.com> Mail-Followup-To: Dale Amon , Stephen.Thompson@bmwfin.com, linux-crypto@nl.linux.org References: <3D6DE68CE505D311B2540020482D025307A031AD@EXCHANGESRV> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3D6DE68CE505D311B2540020482D025307A031AD@EXCHANGESRV> User-Agent: Mutt/1.3.23i X-Operating-System: Linux, the choice of a GNU generation X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: amon@vnl.com Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org > I am trying to compile the API on a 2.4.14 machine. The loop.c has been > patched to make it load correctly. Now when I try to compile the API I get > the following: Try the 2.4.10 cryptoapi patches instead. -- ------------------------------------------------------ Nuke bin Laden: Dale Amon, CEO/MD improve the global Islandone Society gene pool. www.islandone.org ------------------------------------------------------ - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Tue Dec 4 16:26:45 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:42208 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Tue, 4 Dec 2001 16:26:32 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Tue, 04 Dec 2001 16:26:25 +0100 (CET) Received: from [IPv6:::ffff:194.46.8.33] ([IPv6:::ffff:194.46.8.33]:53002 "EHLO angusbay.vnl.com") by humbolt.nl.linux.org with ESMTP id ; Tue, 4 Dec 2001 16:26:13 +0100 Received: from amon by angusbay.vnl.com with local (Exim 3.22 #1) id 16BHY3-0007Ty-00 (Debian); Tue, 04 Dec 2001 15:31:55 +0000 Date: Tue, 4 Dec 2001 15:31:55 +0000 From: Dale Amon To: Herbert Valerio Riedel Cc: linux-crypto@nl.linux.org Subject: Re: [Fwd: RFC(ry): breaking loop.c's IV calculation] Message-ID: <20011204153155.B27184@vnl.com> Mail-Followup-To: Dale Amon , Herbert Valerio Riedel , linux-crypto@nl.linux.org References: <1007388906.1531.39.camel@janus.txd.hvrlab.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1007388906.1531.39.camel@janus.txd.hvrlab.org> User-Agent: Mutt/1.3.23i X-Operating-System: Linux, the choice of a GNU generation X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: amon@vnl.com Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org Minor problem with the patch. Since it matches on SUBLEVEL, it fails against 2.4.16 whereas it actually could have succeeded otherwise. This is of course easy to fix by hand, but it made my kernel building script fall right over in confusion :-) Makefile.rej: *************** *** 1,7 **** VERSION = 2 PATCHLEVEL = 4 SUBLEVEL = 15 - EXTRAVERSION =-greased-turkey KERNELRELEASE=$(VERSION).$(PATCHLEVEL).$(SUBLEVEL)$(EXTRAVERSION) --- 1,7 ---- VERSION = 2 PATCHLEVEL = 4 SUBLEVEL = 15 + EXTRAVERSION =-crypto-greased-turkey KERNELRELEASE=$(VERSION).$(PATCHLEVEL).$(SUBLEVEL)$(EXTRAVERSION) -- ------------------------------------------------------ Nuke bin Laden: Dale Amon, CEO/MD improve the global Islandone Society gene pool. www.islandone.org ------------------------------------------------------ - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Tue Dec 4 17:42:51 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:31462 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Tue, 4 Dec 2001 17:42:33 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Tue, 04 Dec 2001 17:42:23 +0100 (CET) Received: from cm.med.3284844210.kabelnet.net ([IPv6:::ffff:195.202.190.178]:20239 "EHLO phobos.hvrlab.org") by humbolt.nl.linux.org with ESMTP id ; Tue, 4 Dec 2001 17:42:11 +0100 Received: from janus.txd.hvrlab.org (IDENT:8IBIGXoTqcWshotVJKgQoD9z07CrCDu3@janus.txd.hvrlab.org [10.51.1.5]) by phobos.hvrlab.org (8.11.6/8.11.6) with ESMTP id fB4GfYd11991; Tue, 4 Dec 2001 17:41:37 +0100 Subject: ANNOUNCE: (BETA!) international kernel patch for 2.4.16 available! From: Herbert Valerio Riedel To: linux-crypto@nl.linux.org Cc: linux-kernel@vger.kernel.org Content-Type: text/plain Content-Transfer-Encoding: 7bit X-Mailer: Evolution/0.99.2 (Preview Release) Date: 04 Dec 2001 17:41:33 +0100 Message-Id: <1007484097.12213.12.camel@janus.txd.hvrlab.org> Mime-Version: 1.0 X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: hvr@hvrlab.org Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org *WARNING* this is meant for the brave ones (read beta-testers ;), which want to do some tests, and hopefully report back any problems they encounter! I assume everyone interested already knows what the international patch is for; and if not then maybe it's better to wait for the final version of this patch which will get a more informative announcement... :-) if you head over to {ftp,www}.kernel.org in /pub/linux/kernel/people/hvr/testing/ you'll find *) patch-int-2.4.16.0.{bz2,gz} a patch that contains: - the cryptographic kernel API layer - cryptographic ciphers (aes, twofish, mars, rc6, serpent, dfc, blowfish, idea, rc5, 3des, des) - digest algorithms (md5, sha1) - cryptographic loop filter module ('cryptoloop') this patch needs _one_ of the following two patches to be applied in order to make use of (i.e. compile) the cryptoloop module... *) loop-jari-2.4.16.0.patch jari's loop patch (slightly modified +++) featuring: - IV computed in 512 byte units. - Make device backed loop work with swap by pre-allocating pages. - External encryption module locking bug fixed (from Ingo Rohloff). - Get rid of the loop_get_bs() crap. - grab_cache_page() return value handled properly, avoids Oops. - No more illegal messing with BH_Dirty flag. - No more illegal sleeping in generic_make_request(). - Loops can be set-up properly when root partition is still mounted ro. - Default soft block size is set properly for file backed loops. - kmalloc() error case handled properly. +++ added 2 #defines and 1 typedef to loop.h for cryptoloop.c *) loop-hvr-2.4.16.0.patch my patch, with only the following functional improvement: - IV computed in 512 byte units. ... ps: the reason for kerneli.org being down or the lack of development of the int. patch is NOT caused by any government intervention... regards, -- Herbert Valerio Riedel / Phone: (EUROPE) +43-1-58801-18840 Email: hvr@hvrlab.org / Finger hvr@gnu.org for GnuPG Public Key GnuPG Key Fingerprint: 7BB9 2D6C D485 CE64 4748 5F65 4981 E064 883F 4142 - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Wed Dec 5 14:08:52 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:46314 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Wed, 5 Dec 2001 14:08:36 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Wed, 05 Dec 2001 14:08:05 +0100 (CET) Received: from sfgmsw01.alphabet.com ([IPv6:::ffff:194.42.242.73]:8719 "EHLO sfgmsw01.bmwfin.com") by humbolt.nl.linux.org with ESMTP id ; Wed, 5 Dec 2001 14:07:52 +0100 Received: from exchangesrv.bmwfin.com (unverified) by sfgmsw01.bmwfin.com (Content Technologies SMTPRS 4.1.5) with ESMTP id ; Wed, 5 Dec 2001 13:00:47 +0000 Received: by EXCHANGESRV with Internet Mail Service (5.5.2653.19) id ; Wed, 5 Dec 2001 13:07:52 -0000 Message-ID: <3D6DE68CE505D311B2540020482D025307A031BE@EXCHANGESRV> From: Stephen.Thompson@bmwfin.com To: ggabor@sopron.hu Cc: linux-crypto@nl.linux.org Subject: RE: CryptoAPI problems Date: Wed, 5 Dec 2001 13:07:44 -0000 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: Stephen.Thompson@bmwfin.com Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org I find that formatting it twice works. -----Original Message----- From: Gabor Gludovatz [mailto:ggabor@sopron.hu] Sent: 28 November 2001 09:41 To: linux-crypto@nl.linux.org Subject: CryptoAPI problems Hi, I'm having problems with using CryptoAPI. Here are the commands I used: roadrunner:/mnt# dd if=/dev/zero of=x bs=1M count=25 25+0 records in 25+0 records out roadrunner:/mnt# losetup -e blowfish /dev/loop0 /mnt/x Available keysizes (bits): 128 160 192 256 Keysize: 256 Password : roadrunner:/mnt# losetup /dev/loop0 /dev/loop0: [0301]:185852 (blowfish-cbc) offset 0, undefined encryption roadrunner:/mnt# mke2fs /dev/loop0 [...] (seems to be okay) roadrunner:/mnt# mount /dev/loop0 /mnt/tmp0 EXT2-fs error (device loop(7,0)): ext2_check_descriptors: Block bitmap for group 0 not in group (block 1085197902)! EXT2-fs: group descriptors corrupted! mount: wrong fs type, bad option, bad superblock on /dev/loop0, or too many mounted file systems roadrunner:/mnt# Any idea? -- Gabor Gludovatz http://www.sopron.hu/~ggabor/ - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ ------------------------------------------------------------------------------------------- Copyright material and/or confidential and/or privileged information may be contained in this e-mail and any attached documents. The material and information is intended for the use of the intended addressee only. If you are not the intended addressee, or the person responsible for delivering it to the intended addressee, you may not copy, disclose, distribute, disseminate or deliver it to anyone else or use it in any unauthorised manner or take or omit to take any action in reliance on it. To do so is prohibited and may be unlawful. The views expressed in this e-mail may not be official policy but the personal views of the originator. If you receive this e-mail in error, please advise the sender immediately by using the reply facility in your e-mail software, or contact postmaster@bmwfin.com. Please also delete this e-mail and all documents attached immediately. Many thanks for your co-operation. BMW Financial Services (GB) Limited is registered in England and Wales under company number 01288537. Registered Offices : Europa House, Bartley Way, Hook, Hants, RG27 9UF ------------------------------------------------------------------------------------------ - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Wed Dec 5 14:17:14 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:46316 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Wed, 5 Dec 2001 14:17:05 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Wed, 05 Dec 2001 14:16:58 +0100 (CET) Received: from cm.med.3284844210.kabelnet.net ([IPv6:::ffff:195.202.190.178]:46610 "EHLO phobos.hvrlab.org") by humbolt.nl.linux.org with ESMTP id ; Wed, 5 Dec 2001 14:16:34 +0100 Received: from janus.txd.hvrlab.org (IDENT:TLfGxhzVc7Br7duPM+e/phQLkoN5B6ku@janus.txd.hvrlab.org [10.51.1.5]) by phobos.hvrlab.org (8.11.6/8.11.6) with ESMTP id fB5DFxd19382; Wed, 5 Dec 2001 14:15:59 +0100 Subject: RE: CryptoAPI problems From: Herbert Valerio Riedel To: Stephen.Thompson@bmwfin.com Cc: linux-crypto@nl.linux.org In-Reply-To: <3D6DE68CE505D311B2540020482D025307A031BE@EXCHANGESRV> References: <3D6DE68CE505D311B2540020482D025307A031BE@EXCHANGESRV> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-XEZGWIxbzgARXIs4Q/9U" X-Mailer: Evolution/1.0 (Preview Release) Date: 05 Dec 2001 14:15:59 +0100 Message-Id: <1007558159.14898.6.camel@janus.txd.hvrlab.org> Mime-Version: 1.0 X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: hvr@hvrlab.org Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org --=-XEZGWIxbzgARXIs4Q/9U Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Wed, 2001-12-05 at 14:07, Stephen.Thompson@bmwfin.com wrote: > I find that formatting it twice works. the reason of which btw has to do with soft blocksize; (which get's changed when you mount it the first time, and then stays that way when re-mkfs'ing...) I highly recommend to switch to 512byte IV calculation (which will become the default for the int. patch) in order to avoid such problems.. regards, --=20 Herbert Valerio Riedel / Phone: (EUROPE) +43-1-58801-18840 Email: hvr@hvrlab.org / Finger hvr@gnu.org for GnuPG Public Key GnuPG Key Fingerprint: 7BB9 2D6C D485 CE64 4748 5F65 4981 E064 883F 4142 --=-XEZGWIxbzgARXIs4Q/9U Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQA8Dh4PSYHgZIg/QUIRAreWAKCyQXTZTz8M51HqNgsdity6LxEncQCghQo1 jaUxmYHxiEDjtPZTFqRbTDU= =mDJ2 -----END PGP SIGNATURE----- --=-XEZGWIxbzgARXIs4Q/9U-- - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Wed Dec 5 14:19:22 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:14574 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Wed, 5 Dec 2001 14:19:11 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Wed, 05 Dec 2001 14:19:05 +0100 (CET) Received: from sfgmsw01.bmwfin.co.uk ([IPv6:::ffff:194.42.242.73]:46096 "EHLO sfgmsw01.bmwfin.com") by humbolt.nl.linux.org with ESMTP id ; Wed, 5 Dec 2001 14:18:52 +0100 Received: from exchangesrv.bmwfin.com (unverified) by sfgmsw01.bmwfin.com (Content Technologies SMTPRS 4.1.5) with ESMTP id ; Wed, 5 Dec 2001 13:11:47 +0000 Received: by EXCHANGESRV with Internet Mail Service (5.5.2653.19) id ; Wed, 5 Dec 2001 13:18:52 -0000 Message-ID: <3D6DE68CE505D311B2540020482D025307A031BF@EXCHANGESRV> From: Stephen.Thompson@bmwfin.com To: hvr@hvrlab.org, Stephen.Thompson@bmwfin.com Cc: linux-crypto@nl.linux.org Subject: RE: CryptoAPI problems Date: Wed, 5 Dec 2001 13:18:44 -0000 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: Stephen.Thompson@bmwfin.com Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org Interesting.. Thanks for the info. Regards, Stephen. -----Original Message----- From: Herbert Valerio Riedel [mailto:hvr@hvrlab.org] Sent: 05 December 2001 13:16 To: Stephen.Thompson@bmwfin.com Cc: linux-crypto@nl.linux.org Subject: RE: CryptoAPI problems On Wed, 2001-12-05 at 14:07, Stephen.Thompson@bmwfin.com wrote: > I find that formatting it twice works. the reason of which btw has to do with soft blocksize; (which get's changed when you mount it the first time, and then stays that way when re-mkfs'ing...) I highly recommend to switch to 512byte IV calculation (which will become the default for the int. patch) in order to avoid such problems.. regards, -- Herbert Valerio Riedel / Phone: (EUROPE) +43-1-58801-18840 Email: hvr@hvrlab.org / Finger hvr@gnu.org for GnuPG Public Key GnuPG Key Fingerprint: 7BB9 2D6C D485 CE64 4748 5F65 4981 E064 883F 4142 ------------------------------------------------------------------------------------------- Copyright material and/or confidential and/or privileged information may be contained in this e-mail and any attached documents. The material and information is intended for the use of the intended addressee only. If you are not the intended addressee, or the person responsible for delivering it to the intended addressee, you may not copy, disclose, distribute, disseminate or deliver it to anyone else or use it in any unauthorised manner or take or omit to take any action in reliance on it. To do so is prohibited and may be unlawful. The views expressed in this e-mail may not be official policy but the personal views of the originator. If you receive this e-mail in error, please advise the sender immediately by using the reply facility in your e-mail software, or contact postmaster@bmwfin.com. Please also delete this e-mail and all documents attached immediately. Many thanks for your co-operation. BMW Financial Services (GB) Limited is registered in England and Wales under company number 01288537. Registered Offices : Europa House, Bartley Way, Hook, Hants, RG27 9UF ------------------------------------------------------------------------------------------ - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Thu Dec 6 17:18:17 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:64961 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Thu, 6 Dec 2001 17:18:09 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Thu, 06 Dec 2001 17:17:35 +0100 (CET) Received: from natwar.webmailer.de ([IPv6:::ffff:192.67.198.70]:56418 "EHLO post.webmailer.de") by humbolt.nl.linux.org with ESMTP id convert rfc822-to-8bit; Thu, 6 Dec 2001 17:17:19 +0100 Received: from there ([62.146.138.140]) by post.webmailer.de (8.9.3/8.8.7) with SMTP id RAA11110 for ; Thu, 6 Dec 2001 17:13:05 +0100 (MET) Message-Id: <200112061613.RAA11110@post.webmailer.de> Content-Type: text/plain; charset="iso-8859-1" From: Norbert Sendetzky Organization: Linuxnetworks To: linux-crypto@nl.linux.org Subject: Crypto API doc Date: Thu, 6 Dec 2001 17:17:33 +0100 X-Mailer: KMail [version 1.3.1] MIME-Version: 1.0 Content-Transfer-Encoding: 8BIT X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: norbert@linuxnetworks.de Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org Hi all Is there documentation about the linux crypto api available? If so, where can I find it. Norbert - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Fri Dec 7 14:53:53 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:19149 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Fri, 7 Dec 2001 14:53:42 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Fri, 07 Dec 2001 14:53:27 +0100 (CET) Received: from mx0.gmx.de ([IPv6:::ffff:213.165.64.100]:61054 "HELO mx0.gmx.net") by humbolt.nl.linux.org with SMTP id ; Fri, 7 Dec 2001 14:53:10 +0100 Received: (qmail 28562 invoked by uid 0); 7 Dec 2001 13:53:08 -0000 Date: Fri, 7 Dec 2001 14:53:08 +0100 (MET) From: ragnagock@gmx.de To: linux-crypto@nl.linux.org MIME-Version: 1.0 Subject: CryptoAPI 2.4.7.0 X-Priority: 3 (Normal) X-Authenticated-Sender: #0004399983@gmx.net X-Authenticated-IP: [141.18.9.92] Message-ID: <19995.1007733188@www57.gmx.net> X-Mailer: WWW-Mail 1.5 (Global Message Exchange) X-Flags: 0001 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: ragnagock@gmx.de Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org Hi, I' trying to get the modules version running but it doesn't work. When compiling I get the warning (api/cryptoloop.c): LO_CRYPT_CRYPTOAPI not (yet) defined in kernel header. Do I have to worry becaise I forgot sth.? The bigger problem is: depmod doesn't like the modules (unresolved depenencies). The function names have endings with numbers and 4 character codes. btw: I'm working on an initrd to decrypt "/", "/boot" and all others before init is called to have a completely encrypted harddisk. Now I just need a working CryptoAPI (and loopback...). Regards, Dirk -- GMX - Die Kommunikationsplattform im Internet. http://www.gmx.net - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Sat Dec 8 18:11:54 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:12680 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Sat, 8 Dec 2001 18:11:39 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Sat, 08 Dec 2001 18:11:07 +0100 (CET) Received: from smtp011.mail.yahoo.com ([IPv6:::ffff:216.136.173.31]:34319 "HELO smtp011.mail.yahoo.com") by humbolt.nl.linux.org with SMTP id ; Sat, 8 Dec 2001 18:10:50 +0100 Received: from unknown (HELO zhujj) (142.204.83.74) by smtp.mail.vip.sc5.yahoo.com with SMTP; 8 Dec 2001 17:10:32 -0000 Message-ID: <002901c18024$21323100$4a53cc8e@zhujj> From: "Michael Zhu" To: Subject: About loop device Date: Sat, 8 Dec 2001 12:08:38 -0800 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0024_01C17FE1.11A7E6F0" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: mylinuxk@yahoo.ca Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org This is a multi-part message in MIME format. ------=_NextPart_000_0024_01C17FE1.11A7E6F0 Content-Type: text/plain; charset="gb2312" Content-Transfer-Encoding: quoted-printable Hello,everyone, where can I find some information about how to write a = loop device driver? What is the principal of the loop device. I am not = very clear about this. I want to do some operations to the data of the = floppy disk. When read from the floppy disk I decrypt the data. When = write to the floppy disk I encrypt the data. I just don't know how to = implement this. I need a loop device? What is the main function of the = loop deivce? Thank you very much. I really appreciate your help. Michael ------=_NextPart_000_0024_01C17FE1.11A7E6F0 Content-Type: text/html; charset="gb2312" Content-Transfer-Encoding: quoted-printable

Hello,everyone, where can I find some = information=20 about how to write a loop device driver? What is the principal of the = loop=20 device. I am not very clear about this. I want to do some operations to = the data=20 of the floppy disk. When read from the floppy disk I decrypt the data. = When=20 write to the floppy disk I encrypt the data. I just don't know how = to=20 implement this. I need a loop device? What is the main function of = the=20 loop deivce?

Thank you very much. I really = appreciate your=20 help.

Michael

------=_NextPart_000_0024_01C17FE1.11A7E6F0-- _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Sat Dec 8 18:18:14 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:10634 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Sat, 8 Dec 2001 18:18:04 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Sat, 08 Dec 2001 18:17:58 +0100 (CET) Received: from smtp017.mail.yahoo.com ([IPv6:::ffff:216.136.174.114]:47629 "HELO smtp017.mail.yahoo.com") by humbolt.nl.linux.org with SMTP id ; Sat, 8 Dec 2001 18:17:40 +0100 Received: from unknown (HELO zhujj) (142.204.83.74) by smtp.mail.vip.sc5.yahoo.com with SMTP; 8 Dec 2001 17:17:26 -0000 Message-ID: <005001c18025$18074740$4a53cc8e@zhujj> From: "Michael Zhu" To: Subject: About the crypto patch Date: Sat, 8 Dec 2001 12:15:33 -0800 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_004D_01C17FE2.0918C800" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: mylinuxk@yahoo.ca Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org This is a multi-part message in MIME format. ------=_NextPart_000_004D_01C17FE2.0918C800 Content-Type: text/plain; charset="gb2312" Content-Transfer-Encoding: quoted-printable Hi, I download a International Kernel Patch from = http://www.kernel.org/pub/linux/kernel/crypto/v2.4/ . But how can I open = it. The patch file is "patch-int-2.4.0.1.gz". After I open it using the = WinZip, there is only a patch-int-2.4.0.1 file. I couldn't open it. What = is wrong? Michael ------=_NextPart_000_004D_01C17FE2.0918C800 Content-Type: text/html; charset="gb2312" Content-Transfer-Encoding: quoted-printable

Hi, I download a International Kernel=20 Patch from http://www.k= ernel.org/pub/linux/kernel/crypto/v2.4/ .=20 But how can I open it. The patch file is "patch-int-2.4.0.1.gz". After I = open it=20 using the WinZip, there is only a patch-int-2.4.0.1 file. I couldn't = open it.=20 What is wrong?

Michael

------=_NextPart_000_004D_01C17FE2.0918C800-- _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Sat Dec 8 23:16:58 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:19122 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Sat, 8 Dec 2001 23:16:45 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Sat, 08 Dec 2001 23:16:30 +0100 (CET) Received: from [IPv6:::ffff:194.46.8.33] ([IPv6:::ffff:194.46.8.33]:47886 "EHLO angusbay.vnl.com") by humbolt.nl.linux.org with ESMTP id ; Sat, 8 Dec 2001 23:16:15 +0100 Received: from amon by angusbay.vnl.com with local (Exim 3.22 #1) id 16Cpqv-0008Vo-00 (Debian); Sat, 08 Dec 2001 22:21:49 +0000 Date: Sat, 8 Dec 2001 22:21:49 +0000 From: Dale Amon To: Michael Zhu Cc: linux-crypto@nl.linux.org Subject: Re: About the crypto patch Message-ID: <20011208222149.GK23183@vnl.com> Mail-Followup-To: Dale Amon , Michael Zhu , linux-crypto@nl.linux.org References: <005001c18025$18074740$4a53cc8e@zhujj> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <005001c18025$18074740$4a53cc8e@zhujj> User-Agent: Mutt/1.3.24i X-Operating-System: Linux, the choice of a GNU generation X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: amon@vnl.com Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org On Sat, Dec 08, 2001 at 12:15:33PM -0800, Michael Zhu wrote: > Hi, I download a International Kernel Patch from http://www.kernel.org/pub/linux/kernel/crypto/v2.4/ . But how can I open it. The patch file is "patch-int-2.4.0.1.gz". After I open it using the WinZip, there is only a patch-int-2.4.0.1 file. I couldn't open it. What is wrong? > What I think is wrong is that you have a very, very great deal of learning to do. A linux kernel patch is just a text file, a diff between the source tree of a standard linux kernel and a kernel modified for crypto. I would suggest that you first: * Install linux on a computer * Learn how to build your own kernel from source * Learn how to use the patch and diff utilities * Come back and talk to us in about 6 months after you understand the basics. I can sympathize with the enormous learning curve you face, but there is very little I or anyone else on this list could do for you until you've learned a bit more. Hint number one: a Linux operating system source patch is of absolutely no use at all on a Windows operating system. Go forth and study. -- ------------------------------------------------------ Nuke bin Laden: Dale Amon, CEO/MD improve the global Islandone Society gene pool. www.islandone.org ------------------------------------------------------ - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Mon Dec 10 02:52:32 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:42961 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Mon, 10 Dec 2001 02:50:22 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Mon, 10 Dec 2001 02:49:33 +0100 (CET) Received: from smtp012.mail.yahoo.com ([IPv6:::ffff:216.136.173.32]:43024 "HELO smtp012.mail.yahoo.com") by humbolt.nl.linux.org with SMTP id ; Mon, 10 Dec 2001 02:49:13 +0100 Received: from unknown (HELO zhujj) (142.204.83.111) by smtp.mail.vip.sc5.yahoo.com with SMTP; 10 Dec 2001 01:48:45 -0000 Message-ID: <003001c18135$afb614c0$6f53cc8e@zhujj> From: "Michael Zhu" To: Subject: About Stackable File System Interface For Linux Date: Sun, 9 Dec 2001 20:46:50 -0800 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_002D_01C180F2.A09CDC00" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: apiggyjj@yahoo.ca Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org This is a multi-part message in MIME format. ------=_NextPart_000_002D_01C180F2.A09CDC00 Content-Type: text/plain; charset="gb2312" Content-Transfer-Encoding: quoted-printable Hello, everyone, I have a question about stackable file system interface = for linux. I want to implement a encryption file system on a floppy disk, say = /dev/fd0, in Linux. I mean I just want to secure the data on the floppy = disk. This encryption file system can hook all the access to the floppy = disk. But in my wrapfs I don't know how to identify whether the = read/write operations is from/to the floppy disk. I mean how can I = combine the wrapfs driver with the floppy disk device so that I can do = some en/decryption to the data on the floppy disk. Can I identify this = by the "dentry" or "inode" structure? In fact I think I just need to implement a simple hook driver rather = than a whole file system. But this hook driver is layered with the file = system. Thanks in advance. Any help or advice will be appreciated. Michael ------=_NextPart_000_002D_01C180F2.A09CDC00 Content-Type: text/html; charset="gb2312" Content-Transfer-Encoding: quoted-printable

Hello, everyone, I have a question = about stackable=20 file system interface for linux.

I want to implement a encryption file = system on a=20 floppy disk, say /dev/fd0, in Linux. I mean I just want to secure the = data on=20 the floppy disk. This encryption file system can hook all the = access to=20 the floppy disk. But in my wrapfs I don't know how to identify whether = the=20 read/write operations is from/to the floppy disk. I mean how can I = combine the=20 wrapfs driver with the floppy disk device so that I can do some = en/decryption to=20 the data on the floppy disk. Can I identify this by the "dentry" or = "inode"=20 structure?

In fact I think I just need to = implement a simple=20 hook driver rather than a whole file system. But this hook driver is = layered=20 with the file system.

Thanks in advance. Any help or advice will be appreciated.

Michael

------=_NextPart_000_002D_01C180F2.A09CDC00-- _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Thu Dec 13 00:52:01 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:8328 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 00:42:53 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Thu, 13 Dec 2001 00:42:04 +0100 (CET) Received: from imo-r05.mx.aol.com ([IPv6:::ffff:152.163.225.101]:54247 "EHLO imo-r05.mx.aol.com") by humbolt.nl.linux.org with ESMTP id ; Tue, 11 Dec 2001 16:37:22 +0100 Received: from AnandDinakar@aol.com by imo-r05.mx.aol.com (mail_out_v31_r1.9.) id o.161.569feff (17081) for ; Tue, 11 Dec 2001 10:36:58 -0500 (EST) From: AnandDinakar@aol.com Message-ID: <161.569feff.2947821a@aol.com> Date: Tue, 11 Dec 2001 10:36:58 EST Subject: swap encryption To: linux-crypto@nl.linux.org MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Mailer: AOL 7.0 for Windows US sub 121 X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: AnandDinakar@aol.com Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org Hi, I have a patch for mm/page_io.c::rw_page_base(..) that encrypts swap i/o. It works fine, BUT I couldnt keep the i/o async. Can anyone please tell me at how to encrypt swap keeping i/o async? thanx - anand - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Thu Dec 13 03:51:55 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:21672 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 03:51:44 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Thu, 13 Dec 2001 03:51:31 +0100 (CET) Received: from scythe.pacific.net.sg ([IPv6:::ffff:203.120.90.37]:21913 "EHLO scythe.pacific.net.sg") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 03:51:14 +0100 Received: from smtp1.pacific.net.sg (smtp1.pacific.net.sg [203.120.90.70]) by scythe.pacific.net.sg with ESMTP id fBD2out25799 for ; Thu, 13 Dec 2001 10:50:56 +0800 Received: from yahoo.com (jtcsurfer.jtc.gov.sg [203.120.21.125]) by smtp1.pacific.net.sg with ESMTP id fBD2otN05609 for ; Thu, 13 Dec 2001 10:50:55 +0800 Message-ID: <3C181782.1070701@yahoo.com> Date: Thu, 13 Dec 2001 10:50:42 +0800 From: Gong Zeng User-Agent: Mozilla/5.0 (Windows; U; Win98; en-US; rv:0.9.4) Gecko/20011019 Netscape6/6.2 X-Accept-Language: en-us MIME-Version: 1.0 To: linux-crypto@nl.linux.org Subject: Problem compiling util0linux (with crypto) under Debian 2.2r4 (potato) Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: gong_zeng@yahoo.com Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org Hi, I am compiling the crypto options into kernel under Debian 2.2r4 (potato) ( I followed the instructions in the HOWTO). The kernel part was a breeze but when I tried to compile util-linux, I ran into compilation errors: cc -c -O -pipe -O2 -m486 -fomit-frame-pointer -I../lib -Wall -Wmissing-prototypes -Wstrict-prototypes -DNCH=1 -DSBINDIR=\"/sbin\" -DUSRSBINDIR=\"/usr/sbin\" -DLOGDIR=\"/var/log\" -DVARPATH=\"/var\" -DLOCALEDIR=\"/usr/share/locale\" -DHAVE_NFS lomount.c lomount.c:50: `LO_CRYPT_SERPENT' undeclared here (not in a function) lomount.c:50: initializer element is not constant lomount.c:50: (near initialization for `crypt_type_tbl[7].id') lomount.c:51: `LO_CRYPT_MARS' undeclared here (not in a function) lomount.c:51: initializer element is not constant lomount.c:51: (near initialization for `crypt_type_tbl[8].id') lomount.c:52: `LO_CRYPT_RC6' undeclared here (not in a function) lomount.c:52: initializer element is not constant lomount.c:52: (near initialization for `crypt_type_tbl[9].id') lomount.c:53: `LO_CRYPT_DES_EDE3' undeclared here (not in a function) lomount.c:53: initializer element is not constant lomount.c:53: (near initialization for `crypt_type_tbl[10].id') lomount.c:54: `LO_CRYPT_DFC' undeclared here (not in a function) lomount.c:54: initializer element is not constant lomount.c:54: (near initialization for `crypt_type_tbl[11].id') lomount.c: In function `set_loop': lomount.c:292: `LO_CRYPT_SERPENT' undeclared (first use in this function) lomount.c:292: (Each undeclared identifier is reported only once lomount.c:292: for each function it appears in.) lomount.c:293: `LO_CRYPT_MARS' undeclared (first use in this function) lomount.c:294: `LO_CRYPT_RC6' undeclared (first use in this function) lomount.c:295: `LO_CRYPT_DES_EDE3' undeclared (first use in this function) lomount.c:296: `LO_CRYPT_DFC' undeclared (first use in this function) make[1]: *** [lomount.o] Error 1 make[1]: Leaving directory `/usr/src/util-linux-2.10s/mount' make: *** [all] Error 1 I had done this before (in SuSE 6.4) without a hitch using exactly the same kernel and util-linux version. I am sure I am missing some files. But what files? I am using kernel 2.2.18, patch-int-2.2.18.3 and util-linux-2.10s. All of them downloaded from ftp.kernel.org. Thanks in advance for any advice. GZ - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Thu Dec 13 04:49:13 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:20911 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 04:48:57 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Thu, 13 Dec 2001 04:48:50 +0100 (CET) Received: from smtp013.mail.yahoo.com ([IPv6:::ffff:216.136.173.57]:21773 "HELO smtp013.mail.yahoo.com") by humbolt.nl.linux.org with SMTP id ; Thu, 13 Dec 2001 04:48:33 +0100 Received: from unknown (HELO zhujj) (142.204.83.138) by smtp.mail.vip.sc5.yahoo.com with SMTP; 13 Dec 2001 03:48:15 -0000 Message-ID: <00b101c183a1$df85b660$8a53cc8e@zhujj> From: "Michael Zhu" To: Subject: Communication between two modules Date: Wed, 12 Dec 2001 22:46:19 -0800 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_00AE_01C1835E.D0911CA0" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: apiggyjj@yahoo.ca Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org This is a multi-part message in MIME format. ------=_NextPart_000_00AE_01C1835E.D0911CA0 Content-Type: text/plain; charset="gb2312" Content-Transfer-Encoding: quoted-printable Hello,everyone, I have some questions about Linux file system and block = device. First, you know for the block device there is a blk_dev table which is = indexed by the major number of the block device. The register_blkdev() = function is used to insert a new entry into this blk_dev table. How can = I access to this table in my kernel module? The reason why I want to = access to this table is I want to access some specific Block Device = Driver Descriptor so that I can access to the request queue of that = block device, such as floppy disk device. This table is a global = variable? Second, whether two kernel modules can communicate with each other or = not? For example, can my own kernel module communicate with the floppy = block device? And how? I want to intercept the read/write operations to = the floppy block device. I mean I want to hook all the read/write = operations to the floppy block device in my kernel module. Third, I know that the kernel statically allocates a fixed number of = request descriptors to handle all the requests for block devices. There = are NR_REQUEST descriptors (usually 128) stored in the all_requests = array (This is from the book "Understanding the Linux Kernel" by Daniel = P. Bovet&Marco Cesati. P403). How can I access this all_requests array? = I need to access the request descriptor of the floppy disk device. Last one, about the ll_rw_block() function. How can I intercept this = function in my kernel module? Can I get the function pointer of this = function in my module? Any idea will be appreciated. Michael ------=_NextPart_000_00AE_01C1835E.D0911CA0 Content-Type: text/html; charset="gb2312" Content-Transfer-Encoding: quoted-printable

Hello,everyone, I have some questions = about Linux=20 file system and block device.

First, you know for the block device = there is a=20 blk_dev table which is indexed by the major number of the block device. = The=20 register_blkdev() function is used to insert a new entry into this = blk_dev=20 table. How can I access to this table in my kernel module? The reason = why I want=20 to access to this table is I want to access some specific Block Device = Driver=20 Descriptor so that I can access to the request queue of that block = device, such=20 as floppy disk device. This table is a global variable?

Second, whether two kernel modules can = communicate=20 with each other or not? For example, can my own kernel module = communicate with=20 the floppy block device? And how? I want to intercept the read/write = operations=20 to the floppy block device. I mean I want to hook all the read/write = operations=20 to the floppy block device in my kernel module.

Third, I know that the kernel = statically allocates=20 a fixed number of request descriptors to handle all the requests for = block=20 devices. There are NR_REQUEST descriptors (usually 128) stored in the=20 all_requests array (This is from the book "Understanding the Linux = Kernel" by=20 Daniel P. Bovet&Marco Cesati. P403). How can I access this = all_requests=20 array? I need to access the request descriptor of the floppy disk=20 device.

Last one, about the ll_rw_block() = function. =20 How can I intercept this function in my kernel module? Can I get the = function=20 pointer of this function in my module?

Any idea will be = appreciated.

Michael

------=_NextPart_000_00AE_01C1835E.D0911CA0-- _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Thu Dec 13 11:27:18 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:34511 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 11:27:09 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Thu, 13 Dec 2001 11:26:51 +0100 (CET) Received: from mx0.gmx.net ([IPv6:::ffff:213.165.64.100]:54081 "HELO mx0.gmx.net") by humbolt.nl.linux.org with SMTP id ; Thu, 13 Dec 2001 11:26:27 +0100 Received: (qmail 25993 invoked by uid 0); 13 Dec 2001 10:26:15 -0000 Date: Thu, 13 Dec 2001 11:26:15 +0100 (MET) From: ragnagock@gmx.de To: linux-crypto@nl.linux.org MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="========GMXBoundary326571008239175" Subject: Re: CryptoAPI 2.4.7.0 X-Priority: 3 (Normal) X-Authenticated-Sender: #0004399983@gmx.net X-Authenticated-IP: [141.18.9.92] Message-ID: <32657.1008239175@www47.gmx.net> X-Mailer: WWW-Mail 1.5 (Global Message Exchange) X-Flags: 0001 X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: ragnagock@gmx.de Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org This is a MIME encapsulated multipart message - please use a MIME-compliant e-mail program to open it. Dies ist eine mehrteilige Nachricht im MIME-Format - bitte verwenden Sie zum Lesen ein MIME-konformes Mailprogramm. --========GMXBoundary326571008239175 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit I solved the problem. I used the 2.4.9 Kernel which only compiled with SMP. That's why the CryptoAPI function calls had endings like _Rsmp_2346a53. So depmod didn't find them (dunno why). Kernel 2.4.10 compiles without SMP -> no problems with depmod. > please use the following patches for the meantime; > > http://ftp.kernel.org/pub/linux/kernel/people/hvr/testing/ > > as to your insmod problem; seems to be a modversions problem... > > On Fri, 2001-12-07 at 14:53, ragnagock@gmx.de wrote: > > Hi, > > > > I' trying to get the modules version running but it doesn't work. > > > > When compiling I get the warning (api/cryptoloop.c): > > LO_CRYPT_CRYPTOAPI not (yet) defined in kernel header. > > Do I have to worry because I forgot sth.? > > > > The bigger problem is: depmod doesn't like the modules (unresolved > > depenencies). > > The function names have endings with numbers and 4 character codes. > > > > btw: I'm working on an initrd to decrypt "/", "/boot" and all others before > > init is called to have a completely encrypted harddisk. > > Now I just need a working CryptoAPI (and loopback...). > > > > Regards, Dirk > > > > -- > > GMX - Die Kommunikationsplattform im Internet. > > http://www.gmx.net > > > > - > > Linux-crypto: cryptography in and on the Linux system > > Archive: http://mail.nl.linux.org/linux-crypto/ > -- > Herbert Valerio Riedel / Phone: (EUROPE) +43-1-58801-18840 > Email: hvr@hvrlab.org / Finger hvr@gnu.org for GnuPG Public Key > GnuPG Key Fingerprint: 7BB9 2D6C D485 CE64 4748 5F65 4981 E064 883F > 4142 > -- GMX - Die Kommunikationsplattform im Internet. http://www.gmx.net --========GMXBoundary326571008239175 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQA8EPfSSYHgZIg/QUIRAtvZAKCYf2uuDlD07bcdaY3aXr43xt7ZYgCeMoXm K4lS+u9pBm0mHGqZALD+/+M= =wFos -----END PGP SIGNATURE----- --========GMXBoundary326571008239175-- - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Thu Dec 13 13:00:22 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:5086 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 13:00:13 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Thu, 13 Dec 2001 13:00:02 +0100 (CET) Received: from legba.tvnet.hu ([IPv6:::ffff:195.38.96.20]:43669 "EHLO legba.tvnet.hu") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 12:59:42 +0100 Received: from kain.satimex.tvnet.hu (quaker.satimex.tvnet.hu [195.38.97.169]) by legba.tvnet.hu (8.9.3+Sun/8.9.3) with ESMTP id MAA07439 for ; Thu, 13 Dec 2001 12:59:31 +0100 (MET) Message-Id: <5.0.0.25.2.20011213125106.01c3c820@pop.tvnet.hu> X-Sender: newsmail@pop.tvnet.hu X-Mailer: QUALCOMM Windows Eudora Version 5.0 Date: Thu, 13 Dec 2001 12:56:17 +0100 To: linux-crypto@nl.linux.org From: Newsmail Subject: a question about ciphers Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: newsmail@satimex.tvnet.hu Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org hello everybody, I'm quite new in encryption, but I want to encrypt some complete partitions on my pc. actually I see many cipher types I can use, but I dont know which one to choose. I heard that 3des is very slow, cpu intensive cipher. well this is the more I know about them. somebody could help me which cipher to choose, which is the faster, what about their caracterisiques, or at least give me an url where I can find description of them? thx Greg - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Thu Dec 13 13:41:48 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:1507 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 13:41:39 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Thu, 13 Dec 2001 13:41:11 +0100 (CET) Received: from twofish.wiretrip.org ([IPv6:::ffff:195.64.82.87]:51866 "EHLO twofish.wiretrip.org") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 13:40:50 +0100 Received: from rvdm by twofish.wiretrip.org with local (Exim 3.33 #1 (Debian)) id 16EV5n-0005Gq-00; Thu, 13 Dec 2001 13:36:03 +0100 Date: Thu, 13 Dec 2001 13:36:03 +0100 From: Robert van der Meulen To: Newsmail Cc: linux-crypto@nl.linux.org Subject: Re: a question about ciphers Message-ID: <20011213133603.G19113@wiretrip.org> References: <5.0.0.25.2.20011213125106.01c3c820@pop.tvnet.hu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <5.0.0.25.2.20011213125106.01c3c820@pop.tvnet.hu> User-Agent: Mutt/1.3.23i X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: rvdm@wiretrip.org Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org Hi, Quoting Newsmail (newsmail@satimex.tvnet.hu): > hello everybody, I'm quite new in encryption, but I want to encrypt some > complete partitions on my pc. actually I see many cipher types I can use, > but I dont know which one to choose. I heard that 3des is very slow, cpu > intensive cipher. well this is the more I know about them. somebody could > help me which cipher to choose, which is the faster, what about their > caracterisiques, or at least give me an url where I can find description of > them? Most of the cyphers supported are AES candidates, the other cyphers are proven/wellknown/'older' ones. The AES candidates are pretty well analysed, and this analysis is documented (i don't recall where the documents reside, i only have a paper version here). Rijndael 'won' the AES run; this means it was decided to be a good cypher for general use. The analysis document is more specific on the usage of the various cyphers for various tasks. You should make your decision based on performance, strength and proven-ness; as long as you keep the rule 'encrypt it strong enough to make the cost of decrypting more expensive than the data itself' in mind you'll be fine :) (ofcourse keeping future technological advances in the back of your head). Greets, Robert -- Linux Generation encrypted mail preferred. finger rvdm@debian.org for my GnuPG/PGP key. All extremists should be taken out and shot. - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Thu Dec 13 13:57:40 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:41959 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 13:57:30 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Thu, 13 Dec 2001 13:57:04 +0100 (CET) Received: from mail2.alcatel.fr ([IPv6:::ffff:212.208.74.132]:51343 "EHLO mel.alcatel.fr") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 13:56:56 +0100 Received: from aifhs2.alcatel.fr (mailhub.alcatel.fr [155.132.180.80]) by mel.alcatel.fr (ALCANET) with ESMTP id fBDCujf0002922 for ; Thu, 13 Dec 2001 13:56:45 +0100 Received: from bsf.alcatel.fr (mail205.dit.sxb.bsf.alcatel.fr [155.132.205.115]) by aifhs2.alcatel.fr (ALCANET/SMTP2) with ESMTP id NAA13182 for ; Thu, 13 Dec 2001 13:55:57 +0100 (MET) Received: from mail (mail-bsf-alcatel-fr.dit.sxb.bsf.alcatel.fr [155.132.205.91]) by bsf.alcatel.fr (8.8.8+Sun/8.9.3) with ESMTP id NAA02436 for ; Thu, 13 Dec 2001 13:56:42 +0100 (MET) Received: from albatros (albatros [172.25.48.152]) by mail (8.8.8+Sun/) with ESMTP id NAA02432 for ; Thu, 13 Dec 2001 13:56:41 +0100 (MET) Received: from sxb.bsf.alcatel.fr by albatros (8.10.2+Sun/ABS1.5) id fBDCue203001; Thu, 13 Dec 2001 13:56:41 +0100 (MET) Message-ID: <3C18A588.77BB22B7@sxb.bsf.alcatel.fr> Date: Thu, 13 Dec 2001 13:56:40 +0100 From: Pierre PEIFFER X-Mailer: Mozilla 4.79 [en] (X11; U; SunOS 5.8 sun4u) X-Accept-Language: fr-FR, en MIME-Version: 1.0 To: linux-crypto@nl.linux.org Subject: DES_EDE3 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: pierre.peiffer@sxb.bsf.alcatel.fr Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org Hi, I just have a short question: is DES3 crypto still working/supported ? aes and twofish (for example) works fine.... I use the latest patch with 2.4.16 kernel (patch-int-2.4.16.2), latest patch of util-linux... But with des3, I have the (classical) error: [root@]# losetup -e des-ede3 /dev/loop0 initrd.img Mot de passe : The cipher does not exist, or a cipher module needs to be loaded into the kernel ioctl: LOOP_SET_STATUS: Param�tre invalide All needed modules are inserted... Pierre Note: for loop patch (hvr and jari), what are the differences between the both patch ? And which one do you recommand to use ? - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Thu Dec 13 14:07:15 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:35050 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 14:06:51 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Thu, 13 Dec 2001 14:06:24 +0100 (CET) Received: from mail2.uni-bielefeld.de ([IPv6:::ffff:129.70.4.90]:4524 "EHLO mail.uni-bielefeld.de") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 14:06:10 +0100 Received: from dirichlet.mathematik.uni-bielefeld.de (dirichlet.Mathematik.Uni-Bielefeld.DE [129.70.24.67]) by mail.uni-bielefeld.de (Sun Internet Mail Server sims.4.0.2000.10.12.16.25.p8) with ESMTP id <0GOA00J599PTA0@mail.uni-bielefeld.de> for linux-crypto@nl.linux.org; Thu, 13 Dec 2001 14:05:54 +0100 (MET) Date: Thu, 13 Dec 2001 14:09:20 +0100 From: Marc Mutz Subject: Re: a question about ciphers In-reply-to: <5.0.0.25.2.20011213125106.01c3c820@pop.tvnet.hu> To: Newsmail , linux-crypto@nl.linux.org Message-id: <200112131359.5331@sendmail.mutz.com> MIME-version: 1.0 X-Mailer: KMail [version 1.3.7] Content-type: text/plain; charset=us-ascii Content-transfer-encoding: 7BIT X-PGP-Key: 0xBDBFE838 References: <5.0.0.25.2.20011213125106.01c3c820@pop.tvnet.hu> X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: Marc@Mutz.com Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday 13 December 2001 12:56, Newsmail wrote: > hello everybody, I'm quite new in encryption, but I want to encrypt > some complete partitions on my pc. actually I see many cipher types I > can use, but I dont know which one to choose. I heard that 3des is > very slow, cpu intensive cipher. The question boils down to twofish, blowfish, serpent and aes. blowfish is fast and has quite a long track record. I'd use it if it wasn't for the 64bit blocksize. In fact, I do use it ;-) The blocksize isn't an issue if you enrypt only modest volumes of data under a single key (like you should!) Several hundred MB are OK. But don't go beyond 2 or 3 GB. serpent is quite fast (but more because the implementation is fast and the others aren't) and considered very secure. It's a 128bit block cipher so you don't need to think about upper limits on data encrypted under a single key. twofish is not quite as fast, but deemed trustworthy and secure by experts in the field. It's also 128bit. Bruce Schneier fans would use this (or blowfish). I don't know much about the speed of aes, but obviously it's the standard cipher nowadays and chosen by NIST although it isn't a US product ;-) So either it has some design flaws that NSA knows about and the rest of the world doesn't or it is so secure that even NSA didn't find a hole ;-) Anyway, I'd be careful with this one, but mostly because I don't know anything about the quality of the implementation. As I said earlier, I've used blowfish all over and it never failed me... But beware of the size limitations. Marc - -- If privacy is outlawed, only outlaws will have privacy. -- Phil Zimmermann -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8GKiA3oWD+L2/6DgRAhTFAJ9+N6tAHsYgrVO8G6rLlCpOA7h+LACePxtf NUgMJ5l/ClVaV7NskJXFJ0Q= =RLDz -----END PGP SIGNATURE----- - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Thu Dec 13 15:03:51 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:51841 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 15:03:40 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Thu, 13 Dec 2001 15:03:31 +0100 (CET) Received: from legba.tvnet.hu ([IPv6:::ffff:195.38.96.20]:47772 "EHLO legba.tvnet.hu") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 15:03:16 +0100 Received: from kain.satimex.tvnet.hu (quaker.satimex.tvnet.hu [195.38.97.169]) by legba.tvnet.hu (8.9.3+Sun/8.9.3) with ESMTP id PAA12842 for ; Thu, 13 Dec 2001 15:03:04 +0100 (MET) Message-Id: <5.0.0.25.2.20011213145640.01d04ea8@pop.tvnet.hu> X-Sender: newsmail@pop.tvnet.hu X-Mailer: QUALCOMM Windows Eudora Version 5.0 Date: Thu, 13 Dec 2001 14:59:49 +0100 To: linux-crypto@nl.linux.org From: Newsmail Subject: some other questions Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: newsmail@satimex.tvnet.hu Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org thx Marc, and Robert for your answers, could you tell me what the block size means? what is the difference between aes128 and aes256 for exemple, is it related to the 'deepness' of encryption? btw I have more than 3 gig to encrypt, if I encrypt than I encrypt everything :), so blowfish doesnt support more than 3 gigs lets say, so Marc you recommend Serpent? greg ps: if I want to use patch-int-2.4.16.2, do I have to install the hrv or jari loop pacthes or these are included in 2.4.16.2? - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Thu Dec 13 15:15:15 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:2948 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 15:14:56 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Thu, 13 Dec 2001 15:14:45 +0100 (CET) Received: from erasmus.off.net ([IPv6:::ffff:64.39.30.25]:1544 "EHLO erasmus.off.net") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 15:14:30 +0100 Received: by erasmus.off.net (Postfix, from userid 929) id 73E445456A; Thu, 13 Dec 2001 09:14:16 -0500 (EST) Date: Thu, 13 Dec 2001 09:14:16 -0500 From: Jerome Etienne To: Marc Mutz Cc: Newsmail , linux-crypto@nl.linux.org Subject: Re: a question about ciphers Message-ID: <20011213091416.A18458@long-haul.net> Reply-To: Jerome Etienne References: <5.0.0.25.2.20011213125106.01c3c820@pop.tvnet.hu> <200112131359.5331@sendmail.mutz.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200112131359.5331@sendmail.mutz.com>; from Marc@Mutz.com on Thu, Dec 13, 2001 at 02:09:20PM +0100 X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: jme@off.net Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org > blowfish is fast and has quite a long track record. I'd use it if it > wasn't for the 64bit blocksize. In fact, I do use it ;-) > The blocksize isn't an issue if you enrypt only modest volumes of data > under a single key (like you should!) Several hundred MB are OK. But > don't go beyond 2 or 3 GB. what are the detail of the problem with blowfish beyond 2 or 3GB ? - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Thu Dec 13 16:16:43 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:40588 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 16:16:36 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Thu, 13 Dec 2001 16:16:26 +0100 (CET) Received: from mail2.uni-bielefeld.de ([IPv6:::ffff:129.70.4.90]:42466 "EHLO mail.uni-bielefeld.de") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 16:16:07 +0100 Received: from dirichlet.mathematik.uni-bielefeld.de (dirichlet.Mathematik.Uni-Bielefeld.DE [129.70.24.67]) by mail.uni-bielefeld.de (Sun Internet Mail Server sims.4.0.2000.10.12.16.25.p8) with ESMTP id <0GOA000IBFQH2F@mail.uni-bielefeld.de> for linux-crypto@nl.linux.org; Thu, 13 Dec 2001 16:15:54 +0100 (MET) Date: Thu, 13 Dec 2001 16:19:18 +0100 From: Marc Mutz Subject: Re: a question about ciphers In-reply-to: <20011213091416.A18458@long-haul.net> To: Jerome Etienne Cc: Newsmail , linux-crypto@nl.linux.org Message-id: <200112131618.03231@sendmail.mutz.com> MIME-version: 1.0 X-Mailer: KMail [version 1.3.7] Content-type: text/plain; charset=us-ascii Content-transfer-encoding: 7BIT X-PGP-Key: 0xBDBFE838 References: <5.0.0.25.2.20011213125106.01c3c820@pop.tvnet.hu> <200112131359.5331@sendmail.mutz.com> <20011213091416.A18458@long-haul.net> X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: Marc@Mutz.com Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday 13 December 2001 15:14, Jerome Etienne wrote: > > blowfish is fast and has quite a long track record. I'd use it if > > it wasn't for the 64bit blocksize. In fact, I do use it ;-) > > The blocksize isn't an issue if you enrypt only modest volumes of > > data under a single key (like you should!) Several hundred MB are > > OK. But don't go beyond 2 or 3 GB. > > what are the detail of the problem with blowfish beyond 2 or 3GB ? Birthday attack. Equal ciphertexts are being generated. Actually, the boundary is 32G, but it's best to stay away from it. Marc - -- History teaches that grave threats to liberty often come in times of urgency, when constitutional rights seem too extravagant to endure. -- Justice Thurgood Marshall, 1989 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8GMb23oWD+L2/6DgRAiQ7AJ9uZGuGOJdH3+EwMnxlSBdEFmj2PQCfTE2L HrkVcY6sOQL+sICsV1IiWfo= =vOOk -----END PGP SIGNATURE----- - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Thu Dec 13 16:21:46 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:31374 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 16:21:33 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Thu, 13 Dec 2001 16:21:28 +0100 (CET) Received: from mail2.uni-bielefeld.de ([IPv6:::ffff:129.70.4.90]:51940 "EHLO mail.uni-bielefeld.de") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 16:21:19 +0100 Received: from dirichlet.mathematik.uni-bielefeld.de (dirichlet.Mathematik.Uni-Bielefeld.DE [129.70.24.67]) by mail.uni-bielefeld.de (Sun Internet Mail Server sims.4.0.2000.10.12.16.25.p8) with ESMTP id <0GOA000KXFZ41U@mail.uni-bielefeld.de> for linux-crypto@nl.linux.org; Thu, 13 Dec 2001 16:21:04 +0100 (MET) Date: Thu, 13 Dec 2001 16:24:30 +0100 From: Marc Mutz Subject: Re: some other questions In-reply-to: <5.0.0.25.2.20011213145640.01d04ea8@pop.tvnet.hu> To: Newsmail , linux-crypto@nl.linux.org Message-id: <200112131619.49978@sendmail.mutz.com> MIME-version: 1.0 X-Mailer: KMail [version 1.3.7] Content-type: text/plain; charset=us-ascii Content-transfer-encoding: 7BIT X-PGP-Key: 0xBDBFE838 References: <5.0.0.25.2.20011213145640.01d04ea8@pop.tvnet.hu> X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: Marc@Mutz.com Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday 13 December 2001 14:59, Newsmail wrote: > thx Marc, and Robert for your answers, could you tell me what the > block size means? Block ciphers do encryption and decryption on blocks of bit (hence the name). blowfish operates on 64bit-blocks, All AES candidates operate on 128bit blocks. > what is the difference between aes128 and aes256 > for exemple, is it related to the 'deepness' of encryption? Here, 128/256 is the key length. You won't need 256, stay with 128. > btw I have more than 3 gig to encrypt, if I encrypt than I encrypt > everything :), so blowfish doesnt support more than 3 gigs lets say, Well, blowfish happily encrypts arbitary volumes of data, but you have to limit the amount of data encrypted under a single key becuase else you can make it easier for attackers. Consider partitioning your data in 2G chunks. Then encrypt each partition with another key. Voila - you're done. > so Marc you recommend Serpent? As well as any other of the ones I mentioned. > ps: if I want to use patch-int-2.4.16.2, do I have to install the hrv > or jari loop pacthes or these are included in 2.4.16.2? Dunno. Check the archives for announcements. Marc - -- "Similia similibus currentur" -- Bush's new motto in fighting terrorism. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8GMgu3oWD+L2/6DgRAltbAJwJslLvNLcNdOtViZsSfnsr7eTPUwCfQ2e8 8oVqlcLMswqd+2ZR2ZoXk4s= =jewb -----END PGP SIGNATURE----- - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Thu Dec 13 17:02:48 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:58772 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 17:02:36 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Thu, 13 Dec 2001 17:02:28 +0100 (CET) Received: from erasmus.off.net ([IPv6:::ffff:64.39.30.25]:26120 "EHLO erasmus.off.net") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 17:02:17 +0100 Received: by erasmus.off.net (Postfix, from userid 929) id 4C8725456A; Thu, 13 Dec 2001 11:02:06 -0500 (EST) Date: Thu, 13 Dec 2001 11:02:06 -0500 From: Jerome Etienne To: Marc Mutz Cc: Jerome Etienne , Newsmail , linux-crypto@nl.linux.org Subject: Re: a question about ciphers Message-ID: <20011213110206.B18706@long-haul.net> Reply-To: Jerome Etienne References: <5.0.0.25.2.20011213125106.01c3c820@pop.tvnet.hu> <200112131359.5331@sendmail.mutz.com> <20011213091416.A18458@long-haul.net> <200112131618.03231@sendmail.mutz.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200112131618.03231@sendmail.mutz.com>; from Marc@Mutz.com on Thu, Dec 13, 2001 at 04:19:18PM +0100 X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: jme@off.net Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org On Thu, Dec 13, 2001 at 04:19:18PM +0100, Marc Mutz wrote: > > > blowfish is fast and has quite a long track record. I'd use it if > > > it wasn't for the 64bit blocksize. In fact, I do use it ;-) > > > The blocksize isn't an issue if you enrypt only modest volumes of > > > data under a single key (like you should!) Several hundred MB are > > > OK. But don't go beyond 2 or 3 GB. > > > > what are the detail of the problem with blowfish beyond 2 or 3GB ? > > Birthday attack. Equal ciphertexts are being generated. Actually, the > boundary is 32G, but it's best to stay away from it. suppose you are the attacker and get data encrypted with a block cipher, two or more cipher texts block are equal, which information did get from it ? - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Thu Dec 13 17:10:40 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:64664 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 17:10:29 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Thu, 13 Dec 2001 17:10:21 +0100 (CET) Received: from mail0.epfl.ch ([IPv6:::ffff:128.178.50.57]:13582 "HELO mail0.epfl.ch") by humbolt.nl.linux.org with SMTP id convert rfc822-to-8bit; Thu, 13 Dec 2001 17:10:07 +0100 Received: (qmail 18861 invoked from network); 13 Dec 2001 16:09:50 -0000 Received: from lasecpc10.epfl.ch (128.178.73.62) by mail0.epfl.ch with SMTP; 13 Dec 2001 16:09:50 -0000 Date: Thu, 13 Dec 2001 17:11:48 +0100 (CET) From: Pascal Junod X-X-Sender: pjunod@lasecpc10.epfl.ch To: Jerome Etienne cc: linux-crypto@nl.linux.org Subject: Re: a question about ciphers In-Reply-To: <20011213110206.B18706@long-haul.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=iso-8859-1 Content-Transfer-Encoding: 8BIT X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: pascal.junod@epfl.ch Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org On Thu, 13 Dec 2001, Jerome Etienne wrote: > suppose you are the attacker and get data encrypted with a block cipher, > two or more cipher texts block are equal, which information did get > from it ? If the encryption mode is ECB, you know that both plaintexts are equal. If the encryption mode is CBC, you know some information about the XOR of two plaintexts. There exists similar attacks for OFB and CFB, which retrieve some (Shannon) information. A+ Pascal -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ * Pascal Junod, pascal.junod@epfl.ch * * Security and Cryptography Laboratory (LASEC) * * INF 240, EPFL, CH-1015 Lausanne, Switzerland ++41 (0)21 693 76 17 * * Mont�tan 13, CH-1004 Lausanne ++41 (0)79 617 28 57 * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Thu Dec 13 17:27:10 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:412 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 17:26:51 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Thu, 13 Dec 2001 17:26:34 +0100 (CET) Received: from mail2.uni-bielefeld.de ([IPv6:::ffff:129.70.4.90]:8697 "EHLO mail.uni-bielefeld.de") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 17:26:23 +0100 Received: from dirichlet.mathematik.uni-bielefeld.de (dirichlet.Mathematik.Uni-Bielefeld.DE [129.70.24.67]) by mail.uni-bielefeld.de (Sun Internet Mail Server sims.4.0.2000.10.12.16.25.p8) with ESMTP id <0GOA003DTIZINA@mail.uni-bielefeld.de> for linux-crypto@nl.linux.org; Thu, 13 Dec 2001 17:26:08 +0100 (MET) Date: Thu, 13 Dec 2001 17:29:32 +0100 From: Marc Mutz Subject: Re: a question about ciphers In-reply-to: <20011213110206.B18706@long-haul.net> To: Jerome Etienne Cc: Jerome Etienne , Newsmail , linux-crypto@nl.linux.org Message-id: <200112131728.45147@sendmail.mutz.com> MIME-version: 1.0 X-Mailer: KMail [version 1.3.7] Content-type: text/plain; charset=us-ascii Content-transfer-encoding: 7BIT X-PGP-Key: 0xBDBFE838 References: <5.0.0.25.2.20011213125106.01c3c820@pop.tvnet.hu> <200112131618.03231@sendmail.mutz.com> <20011213110206.B18706@long-haul.net> X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: Marc@Mutz.com Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday 13 December 2001 17:02, Jerome Etienne wrote: > suppose you are the attacker and get data encrypted with a block > cipher, two or more cipher texts block are equal, which information > did get from it ? Cryptography isn't compatible with common sense. Read a good book about it, then come back. Sorry. Marc - -- Eternal vigilance is the price of liberty -- Thomas Jefferson -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8GNds3oWD+L2/6DgRAvK/AJ9ZnPqb1uzdtr8t71NEt48U++Ii2gCgn4qj spxh9xHsE/QJLCRSyx7x+tk= =VwBQ -----END PGP SIGNATURE----- - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Thu Dec 13 17:28:12 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:13469 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 17:28:06 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Thu, 13 Dec 2001 17:27:59 +0100 (CET) Received: from ns2.sentex.ca ([IPv6:::ffff:199.212.134.2]:60173 "EHLO marble.sentex.ca") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 17:26:46 +0100 Received: from plebeian.sentex.net (pyroxene.sentex.ca [199.212.134.18]) by marble.sentex.ca (8.11.1/8.11.1) with ESMTP id fBDGQVC97818 for ; Thu, 13 Dec 2001 11:26:35 -0500 (EST) Message-Id: <5.1.0.14.2.20011213112519.045aae08@marble.sentex.ca> X-Sender: damian@marble.sentex.ca X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Thu, 13 Dec 2001 11:28:36 -0500 To: linux-crypto@nl.linux.org From: Damian Gerow Subject: crypto basics Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: damian@sentex.net Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org After following the brief discussion this morning about Blowfish, Twofish, Serpent, and AES, I've realized that I don't know nearly what I had hoped I did when it came to encryption. Does anyone have a link (or a document they can post on the web) that points to the basics of encryption? And I don't mean like 'Encryption is when you take what you wrote (plaintext) and enrypt it so that nobody can read it (ciphertext).' I'm looking for something a little more advanced -- that would explain block sizes, CBC, EBC, and their relative strengths and weaknesses. And (what I'd really like to see) does anyone know of a complete rundown of all the ciphers that are available in the kernel? The help was just enough to whet my appetite -- and I'm really curious to see why AES is ... not well liked. - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Thu Dec 13 17:32:45 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:28319 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 17:32:30 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Thu, 13 Dec 2001 17:32:25 +0100 (CET) Received: from erasmus.off.net ([IPv6:::ffff:64.39.30.25]:29704 "EHLO erasmus.off.net") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 17:32:17 +0100 Received: by erasmus.off.net (Postfix, from userid 929) id 8D5D95456A; Thu, 13 Dec 2001 11:32:07 -0500 (EST) Date: Thu, 13 Dec 2001 11:32:07 -0500 From: Jerome Etienne To: Pascal Junod Cc: Jerome Etienne , linux-crypto@nl.linux.org Subject: Re: a question about ciphers Message-ID: <20011213113207.C18706@long-haul.net> Reply-To: Jerome Etienne References: <20011213110206.B18706@long-haul.net> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit User-Agent: Mutt/1.2.5i In-Reply-To: ; from pascal.junod@epfl.ch on Thu, Dec 13, 2001 at 05:11:48PM +0100 X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: jme@off.net Precedence: bulk List-help: List-unsubscribe: List-software: Listar version 1.0.0 X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Return-Path: X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0) X-Orcpt: rfc822;linux-crypto-archive@nl.linux.org Original-Recipient: rfc822;linux-crypto-archive@nl.linux.org On Thu, Dec 13, 2001 at 05:11:48PM +0100, Pascal Junod wrote: > On Thu, 13 Dec 2001, Jerome Etienne wrote: > > > suppose you are the attacker and get data encrypted with a block cipher, > > two or more cipher texts block are equal, which information did get > > from it ? > > > If the encryption mode is ECB, you know that both plaintexts are equal. > If the encryption mode is CBC, you know some information about the XOR of > two plaintexts. thanks. just to check i get it... according to my understanding, cbc encryption is Cn = Enc( Cn-1 xor Pn ) and C'n = Enc( C'n-1 xor P'n ). if Cn == C'n, the attacker knows that Cn-1 xor Pn == C'n-1 xor Pn-1 and Pn xor P'n == Cn xor Cn-1. As Cn-1 and C'n-1 are known, he knows exactly the value of Pn xor P'n. is it correct ? do you have any reference where i could learn more about it ? > There exists similar attacks for OFB and CFB, which retrieve some > (Shannon) information. > > A+ > > Pascal > > -- > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > * Pascal Junod, pascal.junod@epfl.ch * > * Security and Cryptography Laboratory (LASEC) * > * INF 240, EPFL, CH-1015 Lausanne, Switzerland ++41 (0)21 693 76 17 * > * Mont�tan 13, CH-1004 Lausanne ++41 (0)79 617 28 57 * > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > - > Linux-crypto: cryptography in and on the Linux system > Archive: http://mail.nl.linux.org/linux-crypto/ - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Thu Dec 13 17:34:33 2001 Received: from localhost.nl.linux.org ([IPv6:::ffff:127.0.0.1]:1441 "EHLO humbolt.") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 17:34:20 +0100 Received: with LISTAR (v1.0.0; list linux-crypto); Thu, 13 Dec 2001 17:34:15 +0100 (CET) Received: from twofish.wiretrip.org ([IPv6:::ffff:195.64.82.87]:7068 "EHLO twofish.wiretrip.org") by humbolt.nl.linux.org with ESMTP id ; Thu, 13 Dec 2001 17:34:03 +0100 Received: from rvdm by twofish.wiretrip.org with local (Exim 3.33 #1 (Debian)) id 16EYjV-00065f-00; Thu, 13 Dec 2001 17:29:17 +0100 Date: Thu, 13 Dec 2001 17:29:17 +0100 From: Robert van der Meulen To: Damian Gerow Cc: linux-crypto@nl.linux.org Subject: Re: crypto basics Message-ID: <20011213172917.A23073@wiretrip.org> References: <5.1.0.14.2.20011213112519.045aae08@marble.sentex.ca> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <5.1.0.14.2.20011213112519.045aae08@marble.sentex.ca> User-Agent: Mutt/1.3.23i X-listar-version: Listar v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: rvdm@wiretrip.org Precedence: bulk List-help: