From linux-crypto-bounce@nl.linux.org Thu May 04 11:32:10 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FbaBj-0001vh-9h; Thu, 04 May 2006 11:31:59 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Thu, 04 May 2006 11:31:22 +0200 (CEST)
Received: from smtp805.mail.ukl.yahoo.com ([217.12.12.195])
	by humbolt.nl.linux.org with smtp (Exim 4.22)
	id 1FbaAV-0001t6-Lz
	for linux-crypto@nl.linux.org; Thu, 04 May 2006 11:30:43 +0200
Received: (qmail 45759 invoked from network); 4 May 2006 09:29:57 -0000
Received: from unknown (HELO happydays) (leipold@btinternet.com@86.144.65.48 with login)
  by smtp805.mail.ukl.yahoo.com with SMTP; 4 May 2006 09:29:57 -0000
Message-ID: <000901c66f5d$4d3fdb30$0201a8c0@happydays>
From: "jamesleipold" <leipold@btinternet.com>
To: <linux-crypto@nl.linux.org>
Subject: no e mail message
Date: Thu, 4 May 2006 10:29:53 +0100
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="----=_NextPart_000_0006_01C66F65.AE9DB930"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2869
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2869
Received-SPF: 
X-Spam-Status: No, score=0.1 required=5.0 tests=BAYES_50,HTML_80_90,
	HTML_MESSAGE autolearn=no version=3.0.1
X-Spam-Level: 
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on 
	humbolt.nl.linux.org
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: leipold@btinternet.com
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

This is a multi-part message in MIME format.

------=_NextPart_000_0006_01C66F65.AE9DB930
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

there is no response in my in box
------=_NextPart_000_0006_01C66F65.AE9DB930--



-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



From linux-crypto-bounce@nl.linux.org Fri May 05 08:44:26 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Fbu34-0006R6-0u; Fri, 05 May 2006 08:44:22 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Fri, 05 May 2006 08:43:36 +0200 (CEST)
Received: from smtp2.abanet.org ([208.49.131.50])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Fbu24-0006PR-MJ
	for linux-crypto@nl.linux.org; Fri, 05 May 2006 08:43:20 +0200
Received: from CHG-EMB-01.aba.ad.abanet.org (localhost [127.0.0.1])
	by smtp2.abanet.org  with ESMTP id k456gfYm008303
	for <linux-crypto@nl.linux.org>; Fri, 5 May 2006 01:42:41 -0500 (CDT)
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="----_=_NextPart_001_01C6700F.1B234B9E"
Subject: Out of Office AutoReply: Returned mail: Data format error
Date: Fri, 5 May 2006 01:42:40 -0500
Message-ID: <CD6C4DA7AEDA35459981C02E64FAB0CA1BB890A8@CHG-EMB-01.aba.ad.abanet.org>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: Returned mail: Data format error
Thread-Index: AcZwDxq/wvkneai+TfaWhDKGMqWfvAAAABmv
From: "Camillucci, Karl" <CamilluK@staff.abanet.org>
To: <linux-crypto@nl.linux.org>
Received-SPF: 
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on 
	humbolt.nl.linux.org
X-Spam-Level: 
X-Spam-Status: No, score=0.0 required=5.0 tests=BAYES_50,HTML_40_50,
	HTML_MESSAGE autolearn=no version=3.0.1

This is a multi-part message in MIME format.

------_=_NextPart_001_01C6700F.1B234B9E
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

I am out of the office on association business until May 5.  I will have
limited access to email during this time.

If you are a reporter who needs prompt assistance, please email
abanews@abanet.org, and your inquiry will be forwarded to a colleague
who can assist you.

Otherwise, I will respond to your message as soon as I can.

Thank you.

Karl Camillucci

------_=_NextPart_001_01C6700F.1B234B9E--




From linux-crypto-bounce@nl.linux.org Fri May 05 15:03:18 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Fbzxi-0007D9-6x; Fri, 05 May 2006 15:03:14 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Fri, 05 May 2006 15:02:14 +0200 (CEST)
Received: from nf-out-0910.google.com ([64.233.182.186])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Fbzvx-00077Q-Qx
	for linux-crypto@nl.linux.org; Fri, 05 May 2006 15:01:25 +0200
Received: by nf-out-0910.google.com with SMTP id a25so534381nfc
        for <linux-crypto@nl.linux.org>; Fri, 05 May 2006 05:59:59 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
        s=beta; d=gmail.com;
        h=received:message-id:date:from:user-agent:mime-version:to:subject:content-type:content-transfer-encoding;
        b=r/Vuxs2bDIx3AmY7NUex09J0lboSECZXwb62e0hB/FDyTQ6/n+nyrzEeOE5CxyU1wJslJ2ytmyqex9a8gk7bYWv/zxdHoRMdC2XLzZYLVa9Om2wWxEMCEU5ooKsH5TTBXuF+WU5390M7oPhUAgzu8XCGUKpVmokd+6BMV/iUPT4=
Received: by 10.48.164.9 with SMTP id m9mr273510nfe;
        Fri, 05 May 2006 05:59:58 -0700 (PDT)
Received: from ?192.168.0.199? ( [85.65.62.61])
        by mx.gmail.com with ESMTP id y23sm3189323nfb.2006.05.05.05.59.56;
        Fri, 05 May 2006 05:59:58 -0700 (PDT)
Message-ID: <445B4CD7.1030909@gmail.com>
Date: Fri, 05 May 2006 16:02:15 +0300
From: Alon Bar-Lev <alon.barlev@gmail.com>
User-Agent: Thunderbird 1.5.0.2 (X11/20060501)
MIME-Version: 1.0
To:  jariruusu@users.sourceforge.net,  linux-crypto@nl.linux.org
Subject: Loop-AES and kernel access key retention
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Received-SPF: 

Hello Jari,

I am a heavy happy user of your loop-aes component. So first
of all I want to thank you for your work.

I've implemented some wrapping to enable users to use Linux,
suspend2, loop-aes and PKCS#11 in order to have a secure
mobile environment
(http://wiki.suspend2.net/EncryptedSwapAndRoot).

I've just gone through some of the eCryptfs code and I've
noticed they are using the kernel access key retention to
move keys from user space into kernel. It looks like quite a
clean implementation so that it does not require any patch to
util-linux.

I know that you support kernel 2.0 and above, so the
util-linux patch is required... But maybe for newer kernels
you can allow the kernel key interface support.

I thought of something like user mode for /dev/loop0 and
multi-key-v3:
{
	echo AES256
	gpg < keyfile.gpg
} | keyctl padd user loop:0 @u

Then use losetup or mount without any patches.

The loop:# is required in order to allow a simple
/etc/request-key.conf configuration for loop keys. So even
if the key is not provided, /sbin/request-key can instantiate it.

Just an idea...

Best Regards,
Alon Bar-Lev.





From linux-crypto-bounce@nl.linux.org Sun May 07 02:38:22 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FcXHu-0000lq-HJ; Sun, 07 May 2006 02:38:18 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Sun, 07 May 2006 02:37:25 +0200 (CEST)
Received: from mail.gmx.de ([213.165.64.20] helo=mail.gmx.net)
	by humbolt.nl.linux.org with smtp (Exim 4.22)
	id 1FcXGs-0000hZ-IM
	for linux-crypto@nl.linux.org; Sun, 07 May 2006 02:37:14 +0200
Received: (qmail 29279 invoked by uid 0); 7 May 2006 00:35:17 -0000
Received: from 84.175.18.79 by www008.gmx.net with HTTP;
	Sun, 7 May 2006 02:35:17 +0200 (MEST)
Date: Sun, 7 May 2006 02:35:17 +0200 (MEST)
From: Peter_22@gmx.de
To: linux-crypto@nl.linux.org
Cc: jariruusu@users.sourceforge.net
MIME-Version: 1.0
References: <445B4CD7.1030909@gmail.com>
Subject: Loop-AES and Twofish on 64-bit CPU
X-Priority: 3 (Normal)
X-Authenticated: #5663700
Message-ID: <24709.1146962117@www008.gmx.net>
X-Mailer: WWW-Mail 1.6 (Global Message Exchange)
X-Flags: 0001
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
Received-SPF: 
X-Spam-Level: 
X-Spam-Status: No, score=-2.0 required=5.0 tests=AWL,BAYES_00,NO_REAL_NAME 
	autolearn=no version=3.0.1
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on 
	humbolt.nl.linux.org

Hi!

Since Loop-AES features a patch for amd64 cpus when using AES cipher it runs
faster creating less load. So everyone will use AES. Twofish and Blowfish
ciphers are considerably slower. But, is there a patch for Twofish /
Blowfish to make them work faster on amd64??
I´d like to use both ciphers for the same partition, unfortunately both are
much slower than AES. Will this be the same forever?

Best regards,
Peter




From linux-crypto-bounce@nl.linux.org Sun May 07 17:59:38 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FclfT-0000Ul-Je; Sun, 07 May 2006 17:59:35 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Sun, 07 May 2006 17:59:03 +0200 (CEST)
Received: from mail.tnnet.fi ([217.112.240.26])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FclMz-0007u2-Tw
	for linux-crypto@nl.linux.org; Sun, 07 May 2006 17:40:29 +0200
Received: from localhost (localhost [127.0.0.1])
	by mail.tnnet.fi (Postfix) with ESMTP id 563743ACC51;
	Sun,  7 May 2006 18:40:29 +0300 (EEST)
Received: from mail.tnnet.fi ([127.0.0.1])
 by localhost (mail [127.0.0.1]) (amavisd-new, port 10024) with ESMTP
 id 27304-03; Sun,  7 May 2006 18:40:28 +0300 (EEST)
Received: from a64.adsl.tnnet.fi (a64.adsl.tnnet.fi [217.112.242.64])
	by mail.tnnet.fi (Postfix) with ESMTP id 20972373CA8;
	Sun,  7 May 2006 18:40:28 +0300 (EEST)
Message-ID: <445E14EB.A3079403@users.sourceforge.net>
Date: Sun, 07 May 2006 18:40:27 +0300
From: Jari Ruusu <jariruusu@users.sourceforge.net>
To: Peter_22@gmx.de
Cc: linux-crypto@nl.linux.org
Subject: Re: Loop-AES and Twofish on 64-bit CPU
References: <445B4CD7.1030909@gmail.com> <24709.1146962117@www008.gmx.net>
Content-Type: text/plain; charset=iso-8859-1
X-Virus-Scanned: amavisd-new at mail.tnnet.fi
Content-Transfer-Encoding: quoted-printable
Received-SPF: 
X-Spam-Level: 
X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=no 
	version=3.0.1
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on 
	humbolt.nl.linux.org

Peter_22@gmx.de wrote:
> Since Loop-AES features a patch for amd64 cpus when using AES cipher it runs
> faster creating less load. So everyone will use AES. Twofish and Blowfish
> ciphers are considerably slower. But, is there a patch for Twofish /
> Blowfish to make them work faster on amd64??
> I´d like to use both ciphers for the same partition, unfortunately both are
> much slower than AES. Will this be the same forever?

Joachim Fritschi posted a partially assembler implementation of twofish for
AMD64 to the linux-kernel mailing list today. I haven't looked at it yet.

For blowfish... my advice is to not use blowfish to encrypt large amounts of
data. It has 64 bit block size, and it is present in loop-AES' additional
ciphers package mostly for compatibility with some old implementations.

-- 
Jari Ruusu  1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9  DB 1D EB E3 24 0E A9 DD




From linux-crypto-bounce@nl.linux.org Sun May 07 18:01:17 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FclNU-0007tL-0O; Sun, 07 May 2006 17:41:00 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Sun, 07 May 2006 17:40:13 +0200 (CEST)
Received: from mail.tnnet.fi ([217.112.240.26])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FclML-0007oz-RP
	for linux-crypto@nl.linux.org; Sun, 07 May 2006 17:39:49 +0200
Received: from localhost (localhost [127.0.0.1])
	by mail.tnnet.fi (Postfix) with ESMTP id 6C3643ACC51;
	Sun,  7 May 2006 18:39:46 +0300 (EEST)
Received: from mail.tnnet.fi ([127.0.0.1])
 by localhost (mail [127.0.0.1]) (amavisd-new, port 10024) with ESMTP
 id 23378-16; Sun,  7 May 2006 18:39:45 +0300 (EEST)
Received: from a64.adsl.tnnet.fi (a64.adsl.tnnet.fi [217.112.242.64])
	by mail.tnnet.fi (Postfix) with ESMTP id F3136373CA8;
	Sun,  7 May 2006 18:39:44 +0300 (EEST)
Message-ID: <445E14C0.A66BB243@users.sourceforge.net>
Date: Sun, 07 May 2006 18:39:44 +0300
From: Jari Ruusu <jariruusu@users.sourceforge.net>
To: Alon Bar-Lev <alon.barlev@gmail.com>
Cc: linux-crypto@nl.linux.org
Subject: Re: Loop-AES and kernel access key retention
References: <445B4CD7.1030909@gmail.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: amavisd-new at mail.tnnet.fi
Received-SPF: 
X-Spam-Level: 
X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=no 
	version=3.0.1
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on 
	humbolt.nl.linux.org

Alon Bar-Lev wrote:
> I've just gone through some of the eCryptfs code and I've
> noticed they are using the kernel access key retention to
> move keys from user space into kernel. It looks like quite a
> clean implementation so that it does not require any patch to
> util-linux.

(1) Keyctl userland-to-kernel interface is based on strings, and encrypted
    loops want hashed binary data. Not compatible without extra tricks.

(2) Userspace utilities make no attempt to overwrite secret key material
    after they are done with it. Serious newbie goofs.

(3) Significant amounts of loop would need to be rewritten because ioctl()
    and request_key() interfaces are so different, yet the benefits would be
    almost zero.

(4) Mainline linux motto is: "there is no stable API" which usually
    translates to "don't bother writing code to this API". I have seen too
    many interfaces change/break under my feet that I am reluctant to add
    another dependency to another possibly wildly changing API.

-- 
Jari Ruusu  1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9  DB 1D EB E3 24 0E A9 DD




From linux-crypto-bounce@nl.linux.org Sun May 07 18:32:33 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FcmBK-0003Xm-8Y; Sun, 07 May 2006 18:32:30 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Sun, 07 May 2006 18:31:57 +0200 (CEST)
Received: from ug-out-1314.google.com ([66.249.92.175])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Fclfr-0000bq-4h
	for linux-crypto@nl.linux.org; Sun, 07 May 2006 17:59:59 +0200
Received: by ug-out-1314.google.com with SMTP id y2so1271551uge
        for <linux-crypto@nl.linux.org>; Sun, 07 May 2006 08:59:54 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
        s=beta; d=gmail.com;
        h=received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding;
        b=GOMfmBMytwyumYVDwbo7kJwcDCYF52+p/XLUG2BqnkNToqfCfOt+MCZvfqoK96z7MG3t7pjcj0qZfkVlHI0BR8pu3fhbNPh/s6CEeR38jvGzeNg6qvMtA5eQLGDaTXhwKfQ/4vwzg5pd9wfN1oLefXKptxb0OIATdWfB12L+9zo=
Received: by 10.66.185.40 with SMTP id i40mr453433ugf;
        Sun, 07 May 2006 08:59:54 -0700 (PDT)
Received: from ?192.168.0.199? ( [85.65.62.61])
        by mx.gmail.com with ESMTP id j2sm1481671ugf.2006.05.07.08.59.47;
        Sun, 07 May 2006 08:59:54 -0700 (PDT)
Message-ID: <445E1A08.9050105@gmail.com>
Date: Sun, 07 May 2006 19:02:16 +0300
From: Alon Bar-Lev <alon.barlev@gmail.com>
User-Agent: Thunderbird 1.5.0.2 (X11/20060501)
MIME-Version: 1.0
To: Jari Ruusu <jariruusu@users.sourceforge.net>
CC:  linux-crypto@nl.linux.org
Subject: Re: Loop-AES and kernel access key retention
References: <445B4CD7.1030909@gmail.com> <445E14C0.A66BB243@users.sourceforge.net>
In-Reply-To: <445E14C0.A66BB243@users.sourceforge.net>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Received-SPF: 

Jari Ruusu wrote:
> Alon Bar-Lev wrote:
>> I've just gone through some of the eCryptfs code and I've
>> noticed they are using the kernel access key retention to
>> move keys from user space into kernel. It looks like quite a
>> clean implementation so that it does not require any patch to
>> util-linux.

Thank you for your reply!

> (1) Keyctl userland-to-kernel interface is based on strings, and encrypted
>     loops want hashed binary data. Not compatible without extra tricks.

I am under the impression that it can hold binary data. You
can pipe data to it. I've tried it and it works.

> (2) Userspace utilities make no attempt to overwrite secret key material
>     after they are done with it. Serious newbie goofs.

Well... If this was the only problem, I would have worked
with the author to fix it to your satisfaction :)

> (3) Significant amounts of loop would need to be rewritten because ioctl()
>     and request_key() interfaces are so different, yet the benefits would be
>     almost zero.

I am under the impression that it should be quite easy. I've
looked at the eCryptfs code:

---

#include <linux/key.h>
<snip>
#define KEY_PAYLOAD_DATA(key) \
        (((struct user_key_payload*)key->payload.data)->data)
#define KEY_PAYLOAD_LEN(key) \
        (((struct user_key_payload*)key->payload.data)->datalen)
<snip>
        auth_tok_key = request_key(&key_type_user,
                                   mount_crypt_stat->global_auth_tok_sig,
                                   NULL);
        if (!auth_tok_key || IS_ERR(auth_tok_key)) {
                ecryptfs_printk(KERN_ERR, "Could not find key with "
                                "description: [%s]\n",
                                mount_crypt_stat->global_auth_tok_sig);
                process_request_key_err(PTR_ERR(auth_tok_key));
                rc = -EINVAL;
                goto out;
        }
        auth_tok = (struct ecryptfs_auth_tok *)KEY_PAYLOAD_DATA(auth_tok_key);

---

> (4) Mainline linux motto is: "there is no stable API" which usually
>     translates to "don't bother writing code to this API". I have seen too
>     many interfaces change/break under my feet that I am reluctant to add
>     another dependency to another possibly wildly changing API.

OK. It was just an idea... I thought it is simple enough to
support it. But I understand your position.

Best Regards,
Alon Bar-Lev.





From linux-crypto-bounce@nl.linux.org Sun May 07 19:11:16 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FcmhI-0007bS-Nx; Sun, 07 May 2006 19:05:32 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Sun, 07 May 2006 19:04:53 +0200 (CEST)
Received: from mail.tnnet.fi ([217.112.240.26])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FcmPZ-0004oR-AS
	for linux-crypto@nl.linux.org; Sun, 07 May 2006 18:47:13 +0200
Received: from localhost (localhost [127.0.0.1])
	by mail.tnnet.fi (Postfix) with ESMTP id F047F373F60;
	Sun,  7 May 2006 19:47:09 +0300 (EEST)
Received: from mail.tnnet.fi ([127.0.0.1])
 by localhost (mail [127.0.0.1]) (amavisd-new, port 10024) with ESMTP
 id 29324-17; Sun,  7 May 2006 19:47:08 +0300 (EEST)
Received: from a64.adsl.tnnet.fi (a64.adsl.tnnet.fi [217.112.242.64])
	by mail.tnnet.fi (Postfix) with ESMTP id 7DDF8373620;
	Sun,  7 May 2006 19:47:08 +0300 (EEST)
Message-ID: <445E248C.A5EB23E1@users.sourceforge.net>
Date: Sun, 07 May 2006 19:47:08 +0300
From: Jari Ruusu <jariruusu@users.sourceforge.net>
To: Alon Bar-Lev <alon.barlev@gmail.com>
Cc: linux-crypto@nl.linux.org
Subject: Re: Loop-AES and kernel access key retention
References: <445B4CD7.1030909@gmail.com> <445E14C0.A66BB243@users.sourceforge.net> <445E1A08.9050105@gmail.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: amavisd-new at mail.tnnet.fi
Received-SPF: 
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on 
	humbolt.nl.linux.org
X-Spam-Level: 
X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=no 
	version=3.0.1

Alon Bar-Lev wrote:
> Jari Ruusu wrote:
> > (1) Keyctl userland-to-kernel interface is based on strings, and encrypted
> >     loops want hashed binary data. Not compatible without extra tricks.
> 
> I am under the impression that it can hold binary data. You
> can pipe data to it. I've tried it and it works.

Keyctl does strlen() on the key string. Null bytes won't work.

> > (2) Userspace utilities make no attempt to overwrite secret key material
> >     after they are done with it. Serious newbie goofs.
> 
> Well... If this was the only problem, I would have worked
> with the author to fix it to your satisfaction :)

It would need a user space program to be written anyway. The keys need to be
hashed, in userspace. Doing that in kernel would be insane.

> > (3) Significant amounts of loop would need to be rewritten because ioctl()
> >     and request_key() interfaces are so different, yet the benefits would be
> >     almost zero.
> 
> I am under the impression that it should be quite easy. I've
> looked at the eCryptfs code:

I quickly read the code and it looked like request_key() may sleep.
Code paths where this request_key() would be inserted may not sleep for any
significant amount of time. It holds locks. Locking re-write -> not funny.

There are many missing bits: For example, where do offset= and sizelimit=
options come from if they are not in /etc/fstab and parsed by mount and
losetup?

-- 
Jari Ruusu  1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9  DB 1D EB E3 24 0E A9 DD
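
[Added example, not part of the thread and not code from loop-AES, eCryptfs or
keyutils.] Points (1) and (2) seen from user space: the add_key(2) system call
takes an explicit payload length, so whether a NUL byte in a hashed key survives
depends on how the caller measures it, and the caller's copy has to be wiped
afterwards. SAMPLE_KEY and the helper names are constructed for illustration;
"user", "loop:0" and the user keyring ("@u") are taken from the proposal above.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/syscall.h>

/* Same value as KEY_SPEC_USER_KEYRING in <linux/keyctl.h>, i.e. "@u". */
#define USER_KEYRING (-4L)

/* Constructed sample: 32 bytes standing in for a hashed loop key.
 * Byte 1 is 0x00, as any byte of real hash output may be. */
static const unsigned char SAMPLE_KEY[32] = {
    0x9f, 0x00, 0x3c, 0x71, 0xe2, 0x15, 0x00, 0xa8,
    0x4b, 0xd0, 0x66, 0x2e, 0x93, 0x07, 0xfa, 0x58,
    0x1c, 0xb7, 0x00, 0x8d, 0x34, 0xc9, 0x5e, 0xa1,
    0x72, 0x0f, 0xe6, 0x49, 0xbb, 0x20, 0x85, 0xd3
};

/* Length a strlen()-based caller would pass on: stops at the first NUL. */
size_t length_seen_as_string(const unsigned char *key, size_t len)
{
    size_t n = 0;
    while (n < len && key[n] != 0)
        n++;
    return n;
}

/* Overwrite secret material through a volatile pointer so the
 * compiler cannot drop the stores as dead writes. */
void wipe(void *buf, size_t len)
{
    volatile unsigned char *p = buf;
    while (len--)
        *p++ = 0;
}

/* Returns 1 when every byte of buf is zero. */
int is_wiped(const unsigned char *buf, size_t len)
{
    unsigned char acc = 0;
    for (size_t i = 0; i < len; i++)
        acc |= buf[i];
    return acc == 0;
}

/* Hand the key to the kernel as a "user" key with its full binary
 * length, then wipe the caller's copy whether or not the call worked.
 * Returns the key serial number, or -errno on failure. */
long load_loop_key(const char *desc, unsigned char *key, size_t len)
{
    long id = syscall(SYS_add_key, "user", desc, key, len, USER_KEYRING);
    long ret = (id < 0) ? -(long)errno : id;
    wipe(key, len);
    return ret;
}

int main(void)
{
    unsigned char key[sizeof SAMPLE_KEY];
    memcpy(key, SAMPLE_KEY, sizeof key);

    printf("strlen-style length: %zu of %zu bytes\n",
           length_seen_as_string(key, sizeof key), sizeof key);

    long id = load_loop_key("loop:0", key, sizeof key);
    if (id < 0)
        printf("add_key failed: %s\n", strerror((int)-id));
    else
        printf("key %ld was given all %zu bytes\n", id, sizeof key);

    printf("caller's copy wiped: %s\n",
           is_wiped(key, sizeof key) ? "yes" : "no");
    return 0;
}
```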




From linux-crypto-bounce@nl.linux.org Sun May 07 23:18:20 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Fcqdr-0007hN-KS; Sun, 07 May 2006 23:18:15 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Sun, 07 May 2006 23:17:33 +0200 (CEST)
Received: from mail.gmx.net ([213.165.64.20])
	by humbolt.nl.linux.org with smtp (Exim 4.22)
	id 1Fcqcr-0007bt-LU
	for linux-crypto@nl.linux.org; Sun, 07 May 2006 23:17:13 +0200
Received: (qmail 22690 invoked by uid 0); 7 May 2006 21:15:22 -0000
Received: from 84.175.58.41 by www011.gmx.net with HTTP;
	Sun, 7 May 2006 23:15:22 +0200 (MEST)
Date: Sun, 7 May 2006 23:15:22 +0200 (MEST)
From: Peter_22@gmx.de
To: Jari Ruusu <jariruusu@users.sourceforge.net>
Cc: linux-crypto@nl.linux.org
MIME-Version: 1.0
References: <445E14EB.A3079403@users.sourceforge.net>
Subject: Re: Loop-AES and Twofish on 64-bit CPU
X-Priority: 3 (Normal)
X-Authenticated: #5663700
Message-ID: <14341.1147036522@www011.gmx.net>
X-Mailer: WWW-Mail 1.6 (Global Message Exchange)
X-Flags: 0001
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
Received-SPF: 
X-Spam-Level: 
X-Spam-Status: No, score=-2.0 required=5.0 tests=AWL,BAYES_00,NO_REAL_NAME 
	autolearn=no version=3.0.1
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on 
	humbolt.nl.linux.org

> --- Original Message ---
> From: Jari Ruusu <jariruusu@users.sourceforge.net>
> To: Peter_22@gmx.de
> Cc: linux-crypto@nl.linux.org
[...]
> Subject: Re: Loop-AES and Twofish on 64-bit CPU
> Joachim Fritschi posted partially assembler implementation of twofish for
> AMD64 to linux-kernel mailing list today. I haven't looked at it yet.
 
Can this code be integrated in the next Loop-AES cipher package? I´d also
volunteer for a pre-test.

> For blowfish... my advice is to not use blowfish to encrypt large amounts
> of data. It has 64 bit block size, and it is present in loop-AES' additional
> ciphers package mostly for compatibility with some old implementations.

Blow- and Twofish are the only alternatives to AES. I´d like to use two
loops on one partition and use at least two ciphers to gain better security.
Size of devices in my case is 200GB (my complete old WD drive) and large
portions of the newer 320GB drive. With perpendicular recording drive space
will increase considerably in the next months. Do you see a limit where AES
or other ciphers can no longer cope with that?
With a passthru kernel patch
(http://www.kernel.org/pub/linux/kernel/people/jgarzik/libata/old/) I
managed to turn on and off my old 200GB serial ata drive. The command is
"hdparm -y /dev/sdb". This way you easily get more encrypted storage without
mounting dozens of dvd images and all that crap.
Anyway, 64bit implementations of any cipher are always welcome.

Regards,
Peter


-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



From linux-crypto-bounce@nl.linux.org Mon May 08 00:34:05 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FcrpA-0004MJ-N7; Mon, 08 May 2006 00:34:00 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Mon, 08 May 2006 00:33:22 +0200 (CEST)
Received: from ms-1.rz.rwth-aachen.de ([134.130.3.130] helo=ms-dienst.rz.rwth-aachen.de)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FcroH-0004LJ-DL
	for linux-crypto@nl.linux.org; Mon, 08 May 2006 00:33:05 +0200
Received: from circe (circe.rz.RWTH-Aachen.DE [134.130.3.36])
 by ms-dienst.rz.rwth-aachen.de
 (iPlanet Messaging Server 5.2 Patch 2 (built Jul 14 2004))
 with ESMTP id <0IYW00IFPZV0PH@ms-dienst.rz.rwth-aachen.de> for
 linux-crypto@nl.linux.org; Sun, 07 May 2006 23:33:01 +0200 (MEST)
Received: from talos.rz.RWTH-Aachen.DE ([134.130.3.22])
	by circe (MailMonitor for SMTP v1.2.2 ) ; Sun,
 07 May 2006 23:33:00 +0200 (MEST)
Received: from enterprise.ram.rwth-aachen.de
 (enterprise.ram.RWTH-Aachen.DE [137.226.68.2])	by smarthost.rwth-aachen.de
 (8.13.1/8.13.1/1) with ESMTP id k47LWxOx032506	for
 <linux-crypto@nl.linux.org>; Sun, 07 May 2006 23:32:59 +0200
Received: from localhost (localhost [127.0.0.1])
	by enterprise.ram.rwth-aachen.de (Postfix) with ESMTP id 426735B777	for
 <linux-crypto@nl.linux.org>; Sun, 07 May 2006 23:33:00 +0200 (CEST)
Received: from enterprise.ram.rwth-aachen.de ([127.0.0.1])
	by localhost (enterprise [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id 02166-08 for <linux-crypto@nl.linux.org>; Sun,
 07 May 2006 23:32:59 +0200 (CEST)
Received: from tatooine.rebelbase.local
 (wintergate.ram.rwth-aachen.de [137.226.69.158])
	by enterprise.ram.rwth-aachen.de (Postfix) with ESMTP id B9E4C5B775	for
 <linux-crypto@nl.linux.org>; Sun, 07 May 2006 23:32:58 +0200 (CEST)
Received: by tatooine.rebelbase.local (Postfix, from userid 500)
	id 711C654F4E0; Sun, 07 May 2006 23:32:57 +0200 (CEST)
Date: Sun, 07 May 2006 23:32:57 +0200
From: markus reichelt <ml@mareichelt.de>
Subject: Re: Loop-AES and Twofish on 64-bit CPU
In-reply-to: <14341.1147036522@www011.gmx.net>
To: linux-crypto@nl.linux.org
Mail-followup-to: linux-crypto@nl.linux.org
Message-id: <20060507213257.GA1238@dantooine>
Organization: still stuck in reorganization mode
MIME-version: 1.0
Content-type: multipart/signed; boundary=oyUTqETQ0mS9luUI;
 protocol="application/pgp-signature"; micalg=pgp-sha1
Content-disposition: inline
User-Agent: Mutt/1.5.11
X-PGP-Key: 0xC2A3FEE4
X-PGP-Fingerprint: FFB8 E22F D2BC 0488 3D56  F672 2CCC 933B C2A3 FEE4
X-Request-PGP: http://mareichelt.de/keys/c2a3fee4.asc
X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at
 enterprise.ram.rwth-aachen.de
References: <445E14EB.A3079403@users.sourceforge.net>
 <14341.1147036522@www011.gmx.net>
Received-SPF: 
X-original-sender: ml@mareichelt.de


--oyUTqETQ0mS9luUI
Content-Type: text/plain; charset=iso-8859-15
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

* Peter_22@gmx.de wrote:

> Blow- and Twofish are the only alternatives to AES. I´d like to use
> two loops on one partition and use at least two ciphers to gain
> better security.

There's also serpent.

-- 
left blank, right bald

--oyUTqETQ0mS9luUI
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.1 (GNU/Linux)

iD8DBQFEXmeJLMyTO8Kj/uQRAjW5AJ94gLelkwBmUzmR+aXQXJOpukGzKQCgkm6M
8SpJe7bPRic0ih6rwIviN10=
=4lWu
-----END PGP SIGNATURE-----

--oyUTqETQ0mS9luUI--





From linux-crypto-bounce@nl.linux.org Mon May 08 21:24:05 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FdBKq-0006VX-3o; Mon, 08 May 2006 21:24:00 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Mon, 08 May 2006 21:22:54 +0200 (CEST)
Received: from mail.gmx.de ([213.165.64.20] helo=mail.gmx.net)
	by humbolt.nl.linux.org with smtp (Exim 4.22)
	id 1FdBJL-0006OT-Ra
	for linux-crypto@nl.linux.org; Mon, 08 May 2006 21:22:27 +0200
Received: (qmail 11922 invoked by uid 0); 8 May 2006 19:20:34 -0000
Received: from 84.175.41.179 by www013.gmx.net with HTTP;
	Mon, 8 May 2006 21:20:34 +0200 (MEST)
Date: Mon, 8 May 2006 21:20:34 +0200 (MEST)
From: Peter_22@gmx.de
To: markus reichelt <ml@mareichelt.de>
Cc: linux-crypto@nl.linux.org
MIME-Version: 1.0
References: <20060507213257.GA1238@dantooine>
Subject: Re: Loop-AES and Twofish on 64-bit CPU
X-Priority: 3 (Normal)
X-Authenticated: #5663700
Message-ID: <4536.1147116034@www013.gmx.net>
X-Mailer: WWW-Mail 1.6 (Global Message Exchange)
X-Flags: 0001
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
Received-SPF: 
X-Spam-Status: No, score=-2.1 required=5.0 tests=AWL,BAYES_00,NO_REAL_NAME 
	autolearn=no version=3.0.1
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on 
	humbolt.nl.linux.org
X-Spam-Level: 
X-original-sender: Peter_22@gmx.de

> --- Original Message ---
> From: markus reichelt <ml@mareichelt.de>
> To: linux-crypto@nl.linux.org
> Subject: Re: Loop-AES and Twofish on 64-bit CPU
> Date: Sun, 07 May 2006 23:32:57 +0200
> 
> * Peter_22@gmx.de wrote:
> 
> > Blow- and Twofish are the only alternatives to AES. I´d like to use
> > two loops on one partition and use at least two ciphers to gain
> > better security.
> 
> There's also serpent.

Which is, to my knowledge, derived from AES. I´d wonder if serpent is
optimized for amd64 cpu. So far I can assure everyone that the 64bit
optimization for AES was a breakthrough.

Regards,
Peter




From linux-crypto-bounce@nl.linux.org Tue May 09 01:28:56 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FdF9n-0006Ou-LQ; Tue, 09 May 2006 01:28:51 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Tue, 09 May 2006 01:28:07 +0200 (CEST)
Received: from ms-1.rz.rwth-aachen.de ([134.130.3.130] helo=ms-dienst.rz.rwth-aachen.de)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FdF8p-0006O7-QA
	for linux-crypto@nl.linux.org; Tue, 09 May 2006 01:27:51 +0200
Received: from circe (circe.rz.RWTH-Aachen.DE [134.130.3.36])
 by ms-dienst.rz.rwth-aachen.de
 (iPlanet Messaging Server 5.2 Patch 2 (built Jul 14 2004))
 with ESMTP id <0IYY000AXZU888@ms-dienst.rz.rwth-aachen.de> for
 linux-crypto@nl.linux.org; Tue, 09 May 2006 01:27:44 +0200 (MEST)
Received: from talos.rz.RWTH-Aachen.DE ([134.130.3.22])
	by circe (MailMonitor for SMTP v1.2.2 ) ; Tue,
 09 May 2006 01:27:44 +0200 (MEST)
Received: from enterprise.ram.rwth-aachen.de
 (enterprise.ram.RWTH-Aachen.DE [137.226.68.2])	by smarthost.rwth-aachen.de
 (8.13.1/8.13.1/1) with ESMTP id k48NRhc4007975	for
 <linux-crypto@nl.linux.org>; Tue, 09 May 2006 01:27:43 +0200
Received: from localhost (localhost [127.0.0.1])
	by enterprise.ram.rwth-aachen.de (Postfix) with ESMTP id 06DF55B777	for
 <linux-crypto@nl.linux.org>; Tue, 09 May 2006 01:27:44 +0200 (CEST)
Received: from enterprise.ram.rwth-aachen.de ([127.0.0.1])
	by localhost (enterprise [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id 15308-01 for <linux-crypto@nl.linux.org>; Tue,
 09 May 2006 01:27:43 +0200 (CEST)
Received: from tatooine.rebelbase.local
 (wintergate.ram.rwth-aachen.de [137.226.69.158])
	by enterprise.ram.rwth-aachen.de (Postfix) with ESMTP id 7EF085B775	for
 <linux-crypto@nl.linux.org>; Tue, 09 May 2006 01:27:43 +0200 (CEST)
Received: by tatooine.rebelbase.local (Postfix, from userid 500)
	id 36F7E54F4E0; Tue, 09 May 2006 01:27:42 +0200 (CEST)
Date: Tue, 09 May 2006 01:27:42 +0200
From: markus reichelt <ml@mareichelt.de>
Subject: Re: Loop-AES and Twofish on 64-bit CPU
In-reply-to: <4536.1147116034@www013.gmx.net>
To: linux-crypto@nl.linux.org
Mail-followup-to: linux-crypto@nl.linux.org
Message-id: <20060508232742.GA4880@dantooine>
Organization: still stuck in reorganization mode
MIME-version: 1.0
Content-type: multipart/signed; boundary=pf9I7BMVVzbSWLtt;
 protocol="application/pgp-signature"; micalg=pgp-sha1
Content-disposition: inline
User-Agent: Mutt/1.5.11
X-PGP-Key: 0xC2A3FEE4
X-PGP-Fingerprint: FFB8 E22F D2BC 0488 3D56  F672 2CCC 933B C2A3 FEE4
X-Request-PGP: http://mareichelt.de/keys/c2a3fee4.asc
X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at
 enterprise.ram.rwth-aachen.de
References: <20060507213257.GA1238@dantooine> <4536.1147116034@www013.gmx.net>
Received-SPF: 
X-original-sender: ml@mareichelt.de


--pf9I7BMVVzbSWLtt
Content-Type: text/plain; charset=iso-8859-15
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

* Peter_22@gmx.de wrote:

> > > Blow- and Twofish are the only alternatives to AES. I´d like to use
> > > two loops on one partition and use at least two ciphers to gain
> > > better security.
> > 
> > There's also serpent.
> 
> Which is, to my knowledge, derived from AES.

They are similar, but serpent is more secure.

http://www.cl.cam.ac.uk/~rja14/serpent.html


> I´d wonder if serpent is optimized for amd64 cpu.

Not natively; but maybe there's some fancy code snippet out there, I
don't know.

This year both Intel's and AMD's production of 32bit CPUs will run
out. They focus on the shiny 64bit production lines, so that means
better chances for code optimization. Eventually. ;-)

-- 
left blank, right bald

--pf9I7BMVVzbSWLtt
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.1 (GNU/Linux)

iD8DBQFEX9PuLMyTO8Kj/uQRAoLEAJwLyPJv92iiq8GndbHrKCwQZ9SIYQCfRFnO
Npj9+Ymx+2O+iDg+Nf/1YEY=
=uBN2
-----END PGP SIGNATURE-----

--pf9I7BMVVzbSWLtt--





From linux-crypto-bounce@nl.linux.org Tue May 09 01:37:56 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FdFIW-0006u6-Sw; Tue, 09 May 2006 01:37:52 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Tue, 09 May 2006 01:37:27 +0200 (CEST)
Received: from ms-1.rz.rwth-aachen.de ([134.130.3.130] helo=ms-dienst.rz.rwth-aachen.de)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FdFHq-0006t3-On
	for linux-crypto@nl.linux.org; Tue, 09 May 2006 01:37:10 +0200
Received: from circe (circe.rz.RWTH-Aachen.DE [134.130.3.36])
 by ms-dienst.rz.rwth-aachen.de
 (iPlanet Messaging Server 5.2 Patch 2 (built Jul 14 2004))
 with ESMTP id <0IYZ0001S09W88@ms-dienst.rz.rwth-aachen.de> for
 linux-crypto@nl.linux.org; Tue, 09 May 2006 01:37:09 +0200 (MEST)
Received: from talos.rz.RWTH-Aachen.DE ([134.130.3.22])
	by circe (MailMonitor for SMTP v1.2.2 ) ; Tue,
 09 May 2006 01:37:08 +0200 (MEST)
Received: from enterprise.ram.rwth-aachen.de
 (enterprise.ram.RWTH-Aachen.DE [137.226.68.2])	by smarthost.rwth-aachen.de
 (8.13.1/8.13.1/1) with ESMTP id k48Nb8bf009065	for
 <linux-crypto@nl.linux.org>; Tue, 09 May 2006 01:37:08 +0200
Received: from localhost (localhost [127.0.0.1])
	by enterprise.ram.rwth-aachen.de (Postfix) with ESMTP id 36AE95B777	for
 <linux-crypto@nl.linux.org>; Tue, 09 May 2006 01:37:08 +0200 (CEST)
Received: from enterprise.ram.rwth-aachen.de ([127.0.0.1])
	by localhost (enterprise [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id 15521-02 for <linux-crypto@nl.linux.org>; Tue,
 09 May 2006 01:37:07 +0200 (CEST)
Received: from tatooine.rebelbase.local
 (wintergate.ram.rwth-aachen.de [137.226.69.158])
	by enterprise.ram.rwth-aachen.de (Postfix) with ESMTP id AFA205B775	for
 <linux-crypto@nl.linux.org>; Tue, 09 May 2006 01:37:07 +0200 (CEST)
Received: by tatooine.rebelbase.local (Postfix, from userid 500)
	id 5A0E454F4E0; Tue, 09 May 2006 01:37:07 +0200 (CEST)
Date: Tue, 09 May 2006 01:37:07 +0200
From: markus reichelt <ml@mareichelt.de>
Subject: Re: Loop-AES and Twofish on 64-bit CPU
In-reply-to: <14341.1147036522@www011.gmx.net>
To: linux-crypto@nl.linux.org
Mail-followup-to: linux-crypto@nl.linux.org
Message-id: <20060508233707.GB4880@dantooine>
Organization: still stuck in reorganization mode
MIME-version: 1.0
Content-type: multipart/signed; boundary=+g7M9IMkV8truYOl;
 protocol="application/pgp-signature"; micalg=pgp-sha1
Content-disposition: inline
User-Agent: Mutt/1.5.11
X-PGP-Key: 0xC2A3FEE4
X-PGP-Fingerprint: FFB8 E22F D2BC 0488 3D56  F672 2CCC 933B C2A3 FEE4
X-Request-PGP: http://mareichelt.de/keys/c2a3fee4.asc
X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at
 enterprise.ram.rwth-aachen.de
References: <445E14EB.A3079403@users.sourceforge.net>
 <14341.1147036522@www011.gmx.net>
Received-SPF: 
X-original-sender: ml@mareichelt.de


--+g7M9IMkV8truYOl
Content-Type: text/plain; charset=iso-8859-15
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

* Peter_22@gmx.de wrote:

> Blow- and Twofish are the only alternatives to AES. I´d like to use
> two loops on one partition and use at least two ciphers to gain
> better security.

Regarding better security, I've just found out about an interesting
event: Quo Vadis 4 Conference, Friday 26 May 2006, Warsaw, Poland

It's interesting because of this:

http://www.cryptosystem.net/aes/

"Nicolas T. Courtois has announced that he will make a public
demonstration of an algebraic attack that breaks a toy block cipher
with about 200 S-boxes (nearly as many as in AES), by solving a
system of algebraic equations derived from very few (only 4)
plaintexts, ciphertext pairs. The cipher has good diffusion, no
special structure that could make it weak, and no known weakness (and
probably no weakness whatsoever) other than the low I/O degree of its
S-boxes."

-- 
left blank, right bald

--+g7M9IMkV8truYOl
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.1 (GNU/Linux)

iD8DBQFEX9YjLMyTO8Kj/uQRAq9mAJ9xqiEYFa+YeOQeBQzOFfjVYpnQZwCfVHf/
mrJokumygKjl11hRGtnwEHk=
=B4ee
-----END PGP SIGNATURE-----

--+g7M9IMkV8truYOl--





From linux-crypto-bounce@nl.linux.org Tue May 09 12:12:23 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FdP7G-0004v0-T8; Tue, 09 May 2006 12:06:54 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Tue, 09 May 2006 12:06:07 +0200 (CEST)
Received: from alf.uib.no ([129.177.30.3] ident=exim)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FdP5p-0003Oh-OU
	for linux-crypto@nl.linux.org; Tue, 09 May 2006 12:05:25 +0200
Received: from 25.80-202-99.nextgentel.com ([10.0.0.3]) [80.202.99.25] 
	by alf.uib.no  with esmtp (Exim 4.34)
	id 1FdOuH-0002tJ-Fj; Tue, 09 May 2006 11:53:31 +0200
Message-ID: <446067A8.3040501@cbu.uib.no>
Date: Tue, 09 May 2006 11:58:00 +0200
From: =?ISO-8859-1?Q?Gisle_S=E6lensminde?= <Gisle.Salensminde@bccs.uib.no>
User-Agent: Mozilla Thunderbird 1.0.7 (Macintosh/20050923)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To:  Peter_22@gmx.de
CC: markus reichelt <ml@mareichelt.de>,  linux-crypto@nl.linux.org
Subject: Re: Loop-AES and Twofish on 64-bit CPU
References: <20060507213257.GA1238@dantooine> <4536.1147116034@www013.gmx.net>
In-Reply-To: <4536.1147116034@www013.gmx.net>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 8bit
X-checked-clean: by exiscan on alf
X-Scanner: 02e99972fd49fd529f7c5f80a89f46a1 http://tjinfo.uib.no/virus.html
X-UiB-SpamFlag: NO UIB: -15 hits, 8.0 required
X-UiB-SpamReport: spamassassin found;
   -15 From is listed in 'whitelist_SA'
Received-SPF: 
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on 
	humbolt.nl.linux.org
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=no 
	version=3.0.1
X-Spam-Level: 
X-original-sender: Gisle.Salensminde@bccs.uib.no

Peter_22@gmx.de wrote:

>>--- Original Message ---
>>From: markus reichelt <ml@mareichelt.de>
>>To: linux-crypto@nl.linux.org
>>Subject: Re: Loop-AES and Twofish on 64-bit CPU
>>Date: Sun, 07 May 2006 23:32:57 +0200
>>
>>* Peter_22@gmx.de wrote:
>>
>>>Blow- and Twofish are the only alternatives to AES. I´d like to use
>>>two loops on one partition and use at least two ciphers to gain
>>>better security.

First I would like to mention that this is not likely to increase the
security in any way. The ciphers are well analyzed and have no known
attacks. If there are weak spots in the scheme, they are likely to be in
the loop implementation itself, since this is far less analyzed, and in
that case an extra layer of encryption is more likely to weaken security
than to strengthen it. (Note: I don't know of any exploitable holes in
the loop implementation, I just say that more people have tried to find
holes in AES.)

>>There's also serpent.
>
>Which is, to my knowledge, derived from AES.

Serpent is not derived from AES. It was one of the five final candidates
to be AES, which the algorithm Rijndael (now known as just AES) won. So
it was a competing candidate for being AES, and based on a quite
different design. The other final candidates were Twofish and RC6 and
Mars. Serpent is considered by many cryptographers to be a good number
two, others like Twofish. Nobody likes Mars, and RC6 is patented. All of
them are believed to be secure.

>I´d wonder if serpent is
>optimized for amd64 cpu. So far I can assure everyone that the 64bit
>optimization for AES was a breakthrough.

Unlike AES, Serpent doesn't have an immediate gain from a 64-bit CPU, as
it is quite close to optimal on a 32-bit chip, and it doesn't need the
extra registers on the AMD64 architecture to be fast. In fact it does
only read the keys and the input during an encryption. Just look at the
emitted assembly code of the serpent function (-O2 -fomit-frame-pointer),
and it is quite well optimized.

One difference, however, is that the AMD chips have more ALUs, and can
thus do more arithmetic operations in parallel, which means that
different sets of sbox-functions will be optimal on the two CPUs, but
the one being optimal on opteron will be almost optimal on PIII and PIV,
so this set of sboxes is already in the current implementation of
serpent.

Another thing is that since serpent doesn't gain so much from a new
instruction set, the differences between the 64-bit CPUs from AMD and
Intel may be as important as the difference between the 64 and 32-bit
chips.

What you can gain from a 64-bit CPU is that serpent then can run two
encryptions in parallel (but not in CBC-mode unfortunately) or two
decryptions in parallel (also in CBC-mode), and this will double the
speed of serpent. Unfortunately this does not fit with the kernel API
for crypto, so it is not implemented. Brian Gladman developed such an
implementation once using the MMX instruction set, as this was before
the AMD64 existed.

Dag Arne Osvik's paper on optimization of Serpent:
http://www.osvik.no/pub/aes3.pdf

This paper describes a search function for sboxes for serpent. The
sboxes in the current implementation were found with a bit different
method, but you get an impression.

-Gisle

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/
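
Added example, not part of any message in this thread and not loop-AES code: a toy CBC model for two points made above, the warning that a 64-bit block size is unsuitable for large volumes, and the remark that CBC decryption can handle blocks independently while CBC encryption cannot. The 16-bit Feistel cipher, key, IV and sample data are constructed for the demonstration, and the size estimate assumes the whole volume is encrypted in CBC under a single key.

```python
"""Toy model (added example): CBC with a small block cipher."""
import hashlib
import random

BLOCK_BITS = 16  # toy block size, chosen so collisions show up quickly


def _f(key: bytes, rnd: int, half: int) -> int:
    """Feistel round function: one byte of SHA-256 (toy, not a real cipher)."""
    return hashlib.sha256(key + bytes([rnd, half])).digest()[0]


def enc_block(key: bytes, block: int) -> int:
    left, right = block >> 8, block & 0xFF
    for rnd in range(4):
        left, right = right, left ^ _f(key, rnd, right)
    return (left << 8) | right


def dec_block(key: bytes, block: int) -> int:
    left, right = block >> 8, block & 0xFF
    for rnd in reversed(range(4)):
        left, right = right ^ _f(key, rnd, left), left
    return (left << 8) | right


def cbc_encrypt(key, iv, plain):
    """Serial by construction: block i needs ciphertext block i-1."""
    out, prev = [], iv
    for p in plain:
        prev = enc_block(key, p ^ prev)
        out.append(prev)
    return out


def cbc_decrypt(key, iv, cipher, order=None):
    """Block i needs only cipher[i] and cipher[i-1], so any order works."""
    plain = [None] * len(cipher)
    for i in (order if order is not None else range(len(cipher))):
        prev = cipher[i - 1] if i else iv
        plain[i] = dec_block(key, cipher[i]) ^ prev
    return plain


def collision_leaks(iv, cipher):
    """For equal ciphertext blocks C_i == C_j, return (i, j, P_i ^ P_j).

    C_i = E(P_i ^ C_{i-1}), so equal outputs mean equal inputs and
    P_i ^ P_j = C_{i-1} ^ C_{j-1}, which needs no key to compute.
    """
    first_seen, leaks = {}, []
    for j, c in enumerate(cipher):
        if c in first_seen:
            i = first_seen[c]
            prev_i = cipher[i - 1] if i else iv
            leaks.append((i, j, prev_i ^ cipher[j - 1]))
        else:
            first_seen[c] = j
    return leaks


def expected_collisions(volume_bytes: int, block_bits: int) -> float:
    """Birthday estimate: expected colliding block pairs under one key."""
    n = volume_bytes // (block_bits // 8)
    return n * (n - 1) / 2 / 2 ** block_bits


def demo():
    rng = random.Random(2006)                 # constructed sample data
    key, iv = b"constructed-demo-key", 0x1234
    plain = [rng.getrandbits(BLOCK_BITS) for _ in range(2000)]
    cipher = cbc_encrypt(key, iv, plain)
    return plain, cipher, collision_leaks(iv, cipher), key, iv


if __name__ == "__main__":
    plain, cipher, leaks, key, iv = demo()
    print(len(leaks), "ciphertext collisions in 2000 toy blocks")
    i, j, x = leaks[0]
    print(f"blocks {i},{j}: leaked XOR {x:#06x}, true {plain[i] ^ plain[j]:#06x}")
    back = cbc_decrypt(key, iv, cipher, order=reversed(range(len(cipher))))
    print("reverse-order decrypt matches:", back == plain)
    for bits in (64, 128):
        print(bits, "bit block, 200 GB:", expected_collisions(200 * 10**9, bits))
```

The estimate scales with the square of the number of blocks, so the same volume that gives a 64-bit block cipher many expected collisions leaves a 128-bit block cipher far below one.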



From linux-crypto-bounce@nl.linux.org Wed May 10 21:37:37 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FduV2-0007Ew-18; Wed, 10 May 2006 21:37:32 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Wed, 10 May 2006 21:37:06 +0200 (CEST)
Received: from [194.247.209.129] (helo=batut.org.yu)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FduUM-00073G-AV
	for linux-crypto@nl.linux.org; Wed, 10 May 2006 21:36:50 +0200
Received: from batut.org.yu by batut.org.yu
	(with RAW) (MDaemon.PRO.v7.0.1.R)
	for <linux-crypto@nl.linux.org>; Wed, 10 May 2006 10:18:33 +0200
Date: Wed, 10 May 2006 10:18:33 +0200
From: Postmaster@batut.org.yu
Reply-To: Postmaster@batut.org.yu
Subject: MDaemon Notification -- Attachment Removed
To: linux-crypto@nl.linux.org
X-MDaemon-Deliver-To: linux-crypto@nl.linux.org
Message-ID: <MDAEMON8350200605101018.AA1833357@batut.org.yu>
Mime-Version: 1.0
X-Actual-From: Postmaster@batut.org.yu
X-MDSend-Notifications-To: [trash]
Content-Type: text/plain; charset=US-ASCII
Received-SPF: 
X-Spam-Status: No, score=0.0 required=5.0 tests=BAYES_50,NO_REAL_NAME 
	autolearn=no version=3.0.1
X-Spam-Level: 
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on 
	humbolt.nl.linux.org
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: Postmaster@batut.org.yu
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

The following message contained restricted attachment(s) which have been removed:

>From      : MAILER-DAEMON@nl.linux.org
To        : linux-crypto@nl.linux.org
Subject   : Returned mail: Data format error
Message-ID: 

Attachment(s) removed:
-----------------------------------------
lczirjo.exe






From linux-crypto-bounce@nl.linux.org Fri May 12 23:53:59 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Fefa7-00077F-UT; Fri, 12 May 2006 23:53:55 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Fri, 12 May 2006 23:53:10 +0200 (CEST)
Received: from gai-gate.bechtel.com ([208.2.28.229] helo=fres0090.amers.ibechtel.com)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FefZ8-00071v-WE
	for linux-crypto@nl.linux.org; Fri, 12 May 2006 23:52:55 +0200
Received: by gai-gate.bechtel.com with Internet Mail Service (5.5.2657.72)
	id <KDC6WYR4>; Fri, 12 May 2006 17:36:47 -0400
Received: from fres0090.amers.ibechtel.com (gai-gate.bechtel.com [147.1.179.196]) by fres0090.amers.ibechtel.com with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2657.72)
	id KDC6WYRJ; Fri, 12 May 2006 17:36:43 -0400
From: Symantec Alerts <savfre@bechtel.com>
To: linux-crypto@nl.linux.org
Date: Fri, 12 May 2006 17:36:43 -0400
Subject: =?utf-8?B?UG9saWN5IFZpb2xhdGlvbm==?=
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Message-Id: <E1FefZ8-00071v-WE@humbolt.nl.linux.org>
Received-SPF: 
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on 
	humbolt.nl.linux.org
X-Spam-Status: No, score=1.7 required=5.0 tests=BAYES_50,MSGID_FROM_MTA_ID 
	autolearn=no version=3.0.1
X-Spam-Level: *
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: savfre@bechtel.com
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

The following message sent by this account has violated system policy:

From: linux-crypto@nl.linux.org
To: rbechtel@bechtel.com
Date: Fri, 12 May 2006 17:36:42 -0400
Subject: Returned mail: Data format error


The following violations were detected:

--- Scan information follows ---

Virus Name: W32.Mydoom.M@mm
File Attachment: rbechtel@bechtel.com.zip
Attachment Status: infected

Virus Name: W32.Mydoom.M@mm
File Attachment: rbechtel@bechtel.com.zip/rbechtel@bechtel.com.txt                                                                                     .pif
Attachment Status: infected

--- File name Block information follows ---

File Attachment: M2006051217364210454.mes/rbechtel@bechtel.com.zip/rbechtel@bechtel.com.txt                                                                                     .pif
Matching file name: *.pif







From linux-crypto-bounce@nl.linux.org Fri May 19 12:53:56 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Fh2cA-0006Wo-Uw; Fri, 19 May 2006 12:53:51 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Fri, 19 May 2006 12:53:13 +0200 (CEST)
Received: from mail.gmx.net ([213.165.64.20])
	by humbolt.nl.linux.org with smtp (Exim 4.22)
	id 1Fh2bL-0006Qb-M6
	for linux-crypto@nl.linux.org; Fri, 19 May 2006 12:52:59 +0200
Received: (qmail invoked by alias); 19 May 2006 10:51:06 -0000
Received: from p54BE8D8F.dip0.t-ipconnect.de (EHLO pit.ID-43118.user.dfncis.de) [84.190.141.143]
  by mail.gmx.net (mp003) with SMTP; 19 May 2006 12:51:06 +0200
X-Authenticated: #19296480
Received: from grfz by pit.ID-43118.user.dfncis.de with local (Exim 4.62)
	(envelope-from <error4me@gmx.de>)
	id 1Fh2Xp-0002Di-La; Fri, 19 May 2006 12:49:21 +0200
Date: Fri, 19 May 2006 12:49:21 +0200
From: Gregor Zattler <telegraph@gmx.net>
To: linux-crypto <linux-crypto@nl.linux.org>
Subject: How about deniability? (read: http://www.zdnet.co.uk/print/?TYPE=story&AT=39269746-39020330t-10000025c)
Message-ID: <20060519104921.GA6018@pit.ID-43118.user.dfncis.de>
Mail-Followup-To: linux-crypto <linux-crypto@nl.linux.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.11
X-Y-GMX-Trusted: 0
Received-SPF: 
X-Spam-Level: 
X-Spam-Status: No, score=-1.3 required=5.0 tests=AWL,BAYES_50 autolearn=no 
	version=3.0.1
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on 
	humbolt.nl.linux.org
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: telegraph@gmx.net
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

Hi,

"Government to force handover of encryption keys"
http://www.zdnet.co.uk/print/?TYPE=story&AT=39269746-39020330t-10000025c

does loop-aes provide some kind of deniability?  

Does any other free crypto system?

Ciao, Gregor
-- 
 -... --- .-. . -.. ..--.. ...-.-




From linux-crypto-bounce@nl.linux.org Fri May 19 13:36:10 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Fh3H4-0002M6-Lk; Fri, 19 May 2006 13:36:06 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Fri, 19 May 2006 13:35:51 +0200 (CEST)
Received: from wr-out-0506.google.com ([64.233.184.226])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Fh3Ga-0002LM-4k
	for linux-crypto@nl.linux.org; Fri, 19 May 2006 13:35:36 +0200
Received: by wr-out-0506.google.com with SMTP id i4so647134wra
        for <linux-crypto@nl.linux.org>; Fri, 19 May 2006 04:35:33 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
        s=beta; d=gmail.com;
        h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
        b=j4bEMm8I3Wtc9KsZXoeE3xG6TIvf6izb6DSCTcCVfEBhtnQQTIaSXrggvaCzC/GShJuNPBmGO1kHcHaEhySAnuf/9kxnpE6dyCNrE2kmjJOnTLVf5gFRUfplBLYM24cdvQ/timAzVZSCaeuqjSimr8ES3UsaBmc1Nqp++GSLy74=
Received: by 10.65.237.20 with SMTP id o20mr1324452qbr;
        Fri, 19 May 2006 04:35:33 -0700 (PDT)
Received: by 10.65.157.9 with HTTP; Fri, 19 May 2006 04:35:33 -0700 (PDT)
Message-ID: <f0d777610605190435i69804269t32660fae12f0ba3a@mail.gmail.com>
Date: Fri, 19 May 2006 13:35:33 +0200
From: "Antonio Di Salvo" <disalvo.antonio@gmail.com>
To: linux-crypto <linux-crypto@nl.linux.org>
Subject: Re: How about deniability? (read: http://www.zdnet.co.uk/print/?TYPE=story&AT=39269746-39020330t-10000025c)
In-Reply-To: <20060519104921.GA6018@pit.ID-43118.user.dfncis.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
References: <20060519104921.GA6018@pit.ID-43118.user.dfncis.de>
Received-SPF: 
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: disalvo.antonio@gmail.com
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

TrueCrypt offers a feature called hidden volume that makes use of a
nested encrypted file system. If forced, you can reveal the password
of the outer volume, while the one that really holds sensitive data is
hidden and cannot be distinguished from random data.
They give an explanation at this URL: http://www.truecrypt.org/hiddenvolume.php

I'm not aware if loop-aes provides something similar, so I cannot
answer you. However, I think not (IMHO). If someone knows if it is
possible to have completely random-looking data on the disk with root
partition encryption, please let me know.

Byez!

PS: sorry for the English!

On 5/19/06, Gregor Zattler <telegraph@gmx.net> wrote:
> Hi,
>
> "Government to force handover of encryption keys"
> http://www.zdnet.co.uk/print/?TYPE=story&AT=39269746-39020330t-10000025c
>
> does loop-aes provide some kind of deniability?
>
> Does any other free crypto system?
>
> Ciao, Gregor
> --
>  -... --- .-. . -.. ..--.. ...-.-
>
> -
> Linux-crypto:  cryptography in and on the Linux system
> Archive:       http://mail.nl.linux.org/linux-crypto/
>
>




From linux-crypto-bounce@nl.linux.org Fri May 19 13:45:42 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Fh3Q8-00034z-Ac; Fri, 19 May 2006 13:45:28 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Fri, 19 May 2006 13:45:22 +0200 (CEST)
Received: from colibri.its.uu.se ([130.238.4.154])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Fh3Pk-00033u-VO
	for linux-crypto@nl.linux.org; Fri, 19 May 2006 13:45:04 +0200
Received: by colibri.its.uu.se (Postfix, from userid 211)
	id 7C9F5999; Fri, 19 May 2006 13:44:59 +0200 (DFT)
Received: from colibri.its.uu.se(127.0.0.1) by colibri.its.uu.se via virus-scan 
	id s14362; Fri, 19 May 06 13:44:47 +0200
Received: from [130.243.148.119] (nl103-148-119.student.uu.se [130.243.148.119])
	by colibri.its.uu.se (Postfix) with ESMTP id 87EAF57D
	for <linux-crypto@nl.linux.org>; Fri, 19 May 2006 13:44:47 +0200 (DFT)
Message-ID: <446DAFCA.5050507@telia.com>
Date: Fri, 19 May 2006 13:45:14 +0200
From: =?ISO-8859-1?Q?Gabriel_J=E4genstedt?= <gabriel.j@telia.com>
User-Agent: Mozilla Thunderbird 1.0.8 (X11/20060502)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To:  linux-crypto@nl.linux.org
Subject: Re: How about deniability? (read: http://www.zdnet.co.uk/print/?TYPE=story&AT=39269746-39020330t-10000025c)
References: <20060519104921.GA6018@pit.ID-43118.user.dfncis.de> <f0d777610605190435i69804269t32660fae12f0ba3a@mail.gmail.com>
In-Reply-To: <f0d777610605190435i69804269t32660fae12f0ba3a@mail.gmail.com>
X-Enigmail-Version: 0.92.1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Received-SPF: 
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: gabriel.j@telia.com
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

I have all my disks completely encrypted. The boot partition is on a
usb-stick. There is a section on this in the loop-aes.readme.

Antonio Di Salvo wrote:
> truecrypt offers a feature called hidden volume that makes use of a
> nested encrypted file system. If forced, you can reveal the password
> of the outer volume, while the one that really holds sensitive data is
> hidden and cannot be distinguished from random data.
> they give an explanation at this url:
> http://www.truecrypt.org/hiddenvolume.php
> 
> I'm not aware if loop-aes provides something similar, so I cannot
> answer you. However, I think not (IMHO). If someone knows if it is
> possible to have completely random-looking data on the disk with root
> partition encryption, please let me know.
> 
> Byez!
> 
> PS: sorry for the English!
> 
> On 5/19/06, Gregor Zattler <telegraph@gmx.net> wrote:
> 
>> Hi,
>>
>> "Government to force handover of encryption keys"
>> http://www.zdnet.co.uk/print/?TYPE=story&AT=39269746-39020330t-10000025c
>>
>> does loop-aes provide some kind of deniability?
>>
>> Does any other free crypto system?
>>
>> Ciao, Gregor
>> -- 
>>  -... --- .-. . -.. ..--.. ...-.-
>>
>> -
>> Linux-crypto:  cryptography in and on the Linux system
>> Archive:       http://mail.nl.linux.org/linux-crypto/
>>
>>
> 
> -
> Linux-crypto:  cryptography in and on the Linux system
> Archive:       http://mail.nl.linux.org/linux-crypto/
> 
> 




From linux-crypto-bounce@nl.linux.org Fri May 19 20:45:10 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Fh9yA-0004eh-PZ; Fri, 19 May 2006 20:45:02 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Fri, 19 May 2006 20:44:37 +0200 (CEST)
Received: from druss.secaron.de ([195.145.99.123])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Fh9xS-0004c0-5d
	for linux-crypto@nl.linux.org; Fri, 19 May 2006 20:44:18 +0200
Received: from druss.secaron.de (localhost [127.0.0.1])
	by druss-vscan.secaron.de (Postfix) with ESMTP id A56613AF3D
	for <linux-crypto@nl.linux.org>; Fri, 19 May 2006 20:14:40 +0200 (MET DST)
Received: from marvin.munich.secaron.de (marvin.munich.secaron.de [192.168.1.20])
	by druss.secaron.de (Postfix) with ESMTP id 545063AF0E
	for <linux-crypto@nl.linux.org>; Fri, 19 May 2006 20:14:40 +0200 (MET DST)
Received: by marvin.munich.secaron.de (Postfix, from userid 9)
	id DECED9328A; Fri, 19 May 2006 20:14:39 +0200 (CEST)
X-Original-To: news2mail@mail2news-gw.secaron.de
Delivered-To: news2mail@mail2news-gw.secaron.de
From: Wolfgang Aigner <list-linux-crypto@mail2news-gw.secaron.de>
Subject: Re: How about deniability? (read: http://www.zdnet.co.uk/print/?TYPE=story&AT=39269746-39020330t-10000025c)
Date: Fri, 19 May 2006 20:14:39 +0200
Organization: Secaron AG Munich
Lines: 31
Message-ID: <e4l1uf$lbk$1@marvin.munich.secaron.de>
References: <20060519104921.GA6018@pit.ID-43118.user.dfncis.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Trace: marvin.munich.secaron.de 1148062479 21876 192.168.1.175 (19 May 2006 18:14:39 GMT)
X-Complaints-To: usenet@secaron.de
X-Enigmail-Version: 0.94.0.0
To: linux-crypto@nl.linux.org
Received-SPF: 
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: list-linux-crypto@mail2news-gw.secaron.de
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Gregor Zattler wrote:
> Hi,
> 
> "Government to force handover of encryption keys"
> http://www.zdnet.co.uk/print/?TYPE=story&AT=39269746-39020330t-10000025c
> 
> does loop-aes provide some kind of deniability?  

No, at the moment not.

There are also a bunch of problems on such a feature if it is used on
loop devices and you don't dictate the filesystem.


> Does any other free crypto system?

Truecrypt (as mentioned)
Rubberhose
PhoneBook  (FUSE implementation)
StegFS (no development at the moment)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFEbgsPJ/k3KwFqU/kRAjVVAKCqKb+Nf8uN+V8d6qv9NtCuNUG7DQCgnT2V
A+Srey4D9Fo+irm6WzcqM78=
=gwGa
-----END PGP SIGNATURE-----
-- 
The From: and Reply-To: addresses are internal news2mail gateway addresses.
Reply to the list or to Wolfgang Aigner <aigner@secaron.nospam.de>




From linux-crypto-bounce@nl.linux.org Fri May 19 21:27:55 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FhAdc-0000VF-L6; Fri, 19 May 2006 21:27:52 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Fri, 19 May 2006 21:27:37 +0200 (CEST)
Received: from mail.tnnet.fi ([217.112.240.26])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FhAd6-0000UD-Em
	for linux-crypto@nl.linux.org; Fri, 19 May 2006 21:27:20 +0200
Received: from localhost (localhost [127.0.0.1])
	by mail.tnnet.fi (Postfix) with ESMTP id AEA563AE38E;
	Fri, 19 May 2006 22:27:14 +0300 (EEST)
Received: from mail.tnnet.fi ([127.0.0.1])
 by localhost (mail [127.0.0.1]) (amavisd-new, port 10024) with ESMTP
 id 19243-01; Fri, 19 May 2006 22:27:13 +0300 (EEST)
Received: from a64.adsl.tnnet.fi (a64.adsl.tnnet.fi [217.112.242.64])
	by mail.tnnet.fi (Postfix) with ESMTP id 470663744BF;
	Fri, 19 May 2006 22:27:13 +0300 (EEST)
Message-ID: <446E1C10.C33745EC@users.sourceforge.net>
Date: Fri, 19 May 2006 22:27:12 +0300
From: Jari Ruusu <jariruusu@users.sourceforge.net>
To: Gregor Zattler <telegraph@gmx.net>
Cc: linux-crypto <linux-crypto@nl.linux.org>
Subject: Re: How about deniability? (read: 
 http://www.zdnet.co.uk/print/?TYPE=story&AT=39269746-39020330t-10000025c)
References: <20060519104921.GA6018@pit.ID-43118.user.dfncis.de>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: amavisd-new at mail.tnnet.fi
Received-SPF: 
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on 
	humbolt.nl.linux.org
X-Spam-Level: 
X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=no 
	version=3.0.1
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: jariruusu@users.sourceforge.net
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

Gregor Zattler wrote:
> does loop-aes provide some kind of deniability?

Yes, if you set it up that way. For example, if you set up a computer to
first try to boot from USB-stick, and then to try hard disk boot.

disk partition  Normal boot usage             Forced key handover boot usage
~~~~~~~~~~~~~~  ~~~~~~~~~~~~~~~~~             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/dev/hda1       not used                      unencrypted /boot
/dev/hda2       not used                      encrypted root
/dev/hda3       encrypted swap, random keys   encrypted swap, random keys
/dev/hda4       encrypted root                encrypted /tmp, random keys

USB-stick       Normal boot usage             Forced key handover boot usage
~~~~~~~~~       ~~~~~~~~~~~~~~~~~             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/dev/sda        unencrypted /boot             not used

You install some small distro on /dev/hda2, and never put any secret data
there. You install your normal distro on /dev/hda4, and put your secret data
there.

On normal usage, you always boot your computer from USB-stick to encrypted
root on /dev/hda4. Key files used for encrypting /dev/hda4 and /dev/hda2 are
different, and use different gpg passphrases. If you accidentally try to
boot from hard disk, you never enter the 'key handover' passphrase. When you
are forced to reveal the 'key handover' passphrase, your computer boots to
encrypted root on /dev/hda2. You can do that only *once*, because according
to /etc/fstab on /dev/hda2 root partition, mount sets up random loop
encryption keys on /dev/hda4, and runs 'mkfs' on /dev/hda4, effectively
overwriting file system structure there. After one such 'key handover' boot,
even when used with correct key file and passphrase from your USB-stick, you
or anyone else, have significant difficulties recovering data from
/dev/hda4.

-- 
Jari Ruusu  1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9  DB 1D EB E3 24 0E A9 DD




From linux-crypto-bounce@nl.linux.org Sat May 20 06:51:30 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FhJQz-0001Vt-04; Sat, 20 May 2006 06:51:25 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Sat, 20 May 2006 06:50:59 +0200 (CEST)
Received: from vms048pub.verizon.net ([206.46.252.48])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FhJQE-0001T5-3p
	for linux-crypto@nl.linux.org; Sat, 20 May 2006 06:50:38 +0200
Received: from office.acculin.com ([129.44.174.212])
 by vms048.mailsrvcs.net (Sun Java System Messaging Server 6.2-4.02 (built Sep
 9 2005)) with ESMTPA id <0IZJ001CVS45UU4A@vms048.mailsrvcs.net> for
 linux-crypto@nl.linux.org; Fri, 19 May 2006 23:50:30 -0500 (CDT)
Received: from localhost (localhost [127.0.0.1])
	by localhost.pangloss.acculin.com (Postfix) with ESMTP id 678751FCCF	for
 <linux-crypto@nl.linux.org>; Sat, 20 May 2006 00:50:29 -0400 (EDT)
Received: from office.acculin.com ([127.0.0.1])
 by localhost (Pangloss.acculin.com [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id 22819-03 for <linux-crypto@nl.linux.org>; Sat,
 20 May 2006 00:50:21 -0400 (EDT)
Received: from [192.168.0.6] (Cunegonde.paulshome.acculin.com [192.168.0.6])
	by office.acculin.com (Postfix) with ESMTP id B57FF17584	for
 <linux-crypto@nl.linux.org>; Sat, 20 May 2006 00:50:20 -0400 (EDT)
Date: Sat, 20 May 2006 00:50:10 -0400
From: Info <info@acculin.com>
Subject: Re: How about deniability? (read:
 http://www.zdnet.co.uk/print/?TYPE=story&AT=39269746-39020330t-10000025c)
In-reply-to: <446E1C10.C33745EC@users.sourceforge.net>
To: linux-crypto@nl.linux.org
Message-id: <446EA002.2090600@acculin.com>
MIME-version: 1.0
Content-type: text/plain; charset=ISO-8859-1; format=flowed
Content-transfer-encoding: 7bit
X-Virus-Scanned: by amavisd-new at acculin.com
References: <20060519104921.GA6018@pit.ID-43118.user.dfncis.de>
 <446E1C10.C33745EC@users.sourceforge.net>
User-Agent: Thunderbird 1.5 (X11/20051201)
Received-SPF: 
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on 
	humbolt.nl.linux.org
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=no 
	version=3.0.1
X-Spam-Level: 
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: info@acculin.com
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

Jari Ruusu wrote:
> Gregor Zattler wrote:
>   
>> does loop-aes provide some kind of deniability?
>>     
>
> Yes, if you set it up that way. For example, if you set up a computer to
> first try to boot from USB-stick, and then to try hard disk boot.
>
> disk partition  Normal boot usage             Forced key handover boot usage
> ~~~~~~~~~~~~~~  ~~~~~~~~~~~~~~~~~             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> /dev/hda1       not used                      unencrypted /boot
> /dev/hda2       not used                      encrypted root
> /dev/hda3       encrypted swap, random keys   encrypted swap, random keys
> /dev/hda4       encrypted root                encrypted /tmp, random keys
>
> USB-stick       Normal boot usage             Forced key handover boot usage
> ~~~~~~~~~       ~~~~~~~~~~~~~~~~~             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> /dev/sda        unencrypted /boot             not used
>
> You install some small distro on /dev/hda2, and never put any secret data
> there. You install your normal distro on /dev/hda4, and put your secret data
> there.
>
> On normal usage, you always boot your computer from USB-stick to encrypted
> root on /dev/hda4. Key files used for encrypting /dev/hda4 and /dev/hda2 are
> different, and use different gpg passphrases. If you accidentally try to
> boot from hard disk, you never enter the 'key handover' passphrase. When you
> are forced to reveal the 'key handover' passphrase, your computer boots to
> encrypted root on /dev/hda2. You can do that only *once*, because according
> to /etc/fstab on /dev/hda2 root partition, mount sets up random loop
> encryption keys on /dev/hda4, and runs 'mkfs' on /dev/hda4, effectively
> overwriting file system structure there. After one such 'key handover' boot,
> even when used with correct key file and passphrase from your USB-stick, you
> or anyone else, have significant difficulties recovering data from
> /dev/hda4.
>
>   
Although I will agree that this provides a great deal of security for
the data I don't think that it provides 'deniability'. In particular if
the attack consists of physical possession of the computer and an
analysis of the disk drive content without the attempt to boot it, and
even more so if the usb key is available to the attacker.

Truecrypt does provide some degree of deniability, although you have
clearly demonstrated previously its vulnerability to watermark attacks
(which somewhat diminishes the deniability).
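
The one-shot behaviour Jari Ruusu describes, and the objection above about analysis without booting, both come down to what the decoy root's /etc/fstab says. The following is an added example, not part of the thread and not loop-AES project code: it parses a constructed fstab for that layout and flags mounts that re-key and reformat a partition. The loop device numbers, the AES128 cipher, the /home entry used in the check and the option spellings (`phash=random/1777`, `gpgkey=`) are assumptions based on loop-AES's mount options.

```python
"""Flag fstab entries that set up random loop keys (and mkfs) at mount time."""
from dataclasses import dataclass

# Constructed sample: what /etc/fstab on the decoy root (/dev/hda2) could look
# like for the partition table in the message above. Loop numbers and cipher
# are assumptions; /dev/loop5 stands for the root loop set up by the initrd.
SAMPLE_FSTAB = """\
# device     mountpoint type  options                                        dump pass
/dev/loop5   /          ext2  defaults                                       0 1
/dev/hda1    /boot      ext2  defaults                                       0 2
/dev/hda3    none       swap  sw,loop=/dev/loop6,encryption=AES128           0 0
/dev/hda4    /tmp       ext2  defaults,loop=/dev/loop4,encryption=AES128,phash=random/1777  0 0
"""


@dataclass
class Entry:
    device: str
    mountpoint: str
    fstype: str
    options: dict


def parse_fstab(text):
    """Return one Entry per usable fstab line; comments and short lines are skipped."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        if len(fields) < 4:
            continue  # malformed line: device, mountpoint, type, options are required
        options = {}
        for item in fields[3].split(","):
            key, _, value = item.partition("=")
            options[key] = value
        entries.append(Entry(fields[0], fields[1], fields[2], options))
    return entries


def classify(entry):
    """Describe how the key for an encrypted loop mount is obtained."""
    opts = entry.options
    if "loop" not in opts or "encryption" not in opts:
        return "no-loop-options"
    if opts.get("phash", "").startswith("random"):
        # New random key plus a fresh file system on every mount:
        # whatever was on the partition before is no longer readable.
        return "rekey-and-mkfs"
    if entry.fstype == "swap" and "gpgkey" not in opts:
        return "random-key-swap"
    return "keyed"


def destructive_mounts(text):
    """Devices whose previous contents are discarded each time they are mounted."""
    return [(e.device, e.mountpoint)
            for e in parse_fstab(text) if classify(e) == "rekey-and-mkfs"]


if __name__ == "__main__":
    for e in parse_fstab(SAMPLE_FSTAB):
        print(f"{e.device:12} {e.mountpoint:8} {classify(e)}")
```

An entry flagged `rekey-and-mkfs` on a partition that otherwise holds data is a reason to image the disk before the system is ever booted from it.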






From linux-crypto-bounce@nl.linux.org Sat May 20 09:15:05 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FhLft-0005av-Oh; Sat, 20 May 2006 09:14:57 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Sat, 20 May 2006 09:14:34 +0200 (CEST)
Received: from ftppro.com ([69.36.166.161])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FhLfM-0005Zq-AL
	for linux-crypto@nl.linux.org; Sat, 20 May 2006 09:14:24 +0200
Received: (from root@localhost)
	by ftppro.com (8.11.6/8.11.6) id k4JKlZQ29102;
	Fri, 19 May 2006 14:47:35 -0600
Date: Fri, 19 May 2006 14:47:35 -0600
From: autoreply@ftppro.com
Message-Id: <200605192047.k4JKlZQ29102@ftppro.com>
To: linux-crypto@nl.linux.org
Content-Type: text/plain; charset=ISO-8859-1
Subject: AutoReply from FTPPro.com
Received-SPF: 
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,NO_REAL_NAME 
	autolearn=no version=3.0.1
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on 
	humbolt.nl.linux.org
X-Spam-Level: 
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: autoreply@ftppro.com
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

You sent a message to an FTPPro.com email address that has been changed.

Please re-send your email to the following address:
    ss {AT} ftppro.com
(replace {AT} with the "@" symbol, and remove the blank spaces)

Thank you,

FTPPro.com

p.s. Replies to the "AutoReply" email address will not be read.




From linux-crypto-bounce@nl.linux.org Sat May 20 15:12:49 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FhRFy-0001Lu-NH; Sat, 20 May 2006 15:12:34 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Sat, 20 May 2006 15:11:46 +0200 (CEST)
Received: from mail.tnnet.fi ([217.112.240.26])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FhREz-0001KU-Hd
	for linux-crypto@nl.linux.org; Sat, 20 May 2006 15:11:33 +0200
Received: from localhost (localhost [127.0.0.1])
	by mail.tnnet.fi (Postfix) with ESMTP id 0509E3AE133;
	Sat, 20 May 2006 16:11:30 +0300 (EEST)
Received: from mail.tnnet.fi ([127.0.0.1])
 by localhost (mail [127.0.0.1]) (amavisd-new, port 10024) with ESMTP
 id 12395-02; Sat, 20 May 2006 16:11:28 +0300 (EEST)
Received: from a64.adsl.tnnet.fi (a64.adsl.tnnet.fi [217.112.242.64])
	by mail.tnnet.fi (Postfix) with ESMTP id 9D5EA33EF42;
	Sat, 20 May 2006 16:11:28 +0300 (EEST)
Message-ID: <446F157F.DFC04AA2@users.sourceforge.net>
Date: Sat, 20 May 2006 16:11:27 +0300
From: Jari Ruusu <jariruusu@users.sourceforge.net>
To: Info <info@acculin.com>
Cc: linux-crypto@nl.linux.org
Subject: Re: How about deniability? 
 (read:http://www.zdnet.co.uk/print/?TYPE=story&AT=39269746-39020330t-10000025c)
References: <20060519104921.GA6018@pit.ID-43118.user.dfncis.de>
		 <446E1C10.C33745EC@users.sourceforge.net> <446EA002.2090600@acculin.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: amavisd-new at mail.tnnet.fi
Received-SPF: 
X-Spam-Level: 
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on 
	humbolt.nl.linux.org
X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=no 
	version=3.0.1
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: jariruusu@users.sourceforge.net
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

Info wrote:
> Although I will agree that this provides a great deal of security for the
> data I don't think that it provides 'deniability'. In particular if the
> attack consists of physical possession of the computer and an analysis of
> the disk drive content without the attempt to boot it,

After handing over the passphrase to /dev/hda2 root partition, all hard disk
space is accounted for. Files on /dev/hda1 and /dev/hda2 are readable, and
user can prove that programs on /dev/hda2 root partition create random
encryption keys for /dev/hda3 and /dev/hda4 on each boot, and that user has
no way of knowing what earlier encryption keys were on those two partitions.

> and even more so if the usb key is available to the attacker.

Here user insists that /dev/hda2 is the root partition. That way all hard
disk space is accounted for. Attacker can prove existence of one small gpg
encrypted file on USB-stick for which user has forgotten passphrase.

-- 
Jari Ruusu  1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9  DB 1D EB E3 24 0E A9 DD

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



From linux-crypto-bounce@nl.linux.org Sat May 20 18:29:39 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FhUKb-0002p3-V6; Sat, 20 May 2006 18:29:34 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Sat, 20 May 2006 18:28:59 +0200 (CEST)
Received: from enyo.dsw2k3.info ([195.71.86.239])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FhUJq-0002oL-3r
	for linux-crypto@nl.linux.org; Sat, 20 May 2006 18:28:46 +0200
Received: from localhost (localhost [127.0.0.1])
	by enyo.dsw2k3.info (Postfix) with ESMTP id 96D092C37D;
	Sat, 20 May 2006 18:28:38 +0200 (CEST)
Received: from enyo.dsw2k3.info ([127.0.0.1])
	by localhost (enyo [127.0.0.1]) (amavisd-new, port 10024) with LMTP
	id 03687-02-3; Sat, 20 May 2006 18:28:32 +0200 (CEST)
Received: from [192.168.100.3] (p548B3AF7.dip0.t-ipconnect.de [84.139.58.247])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(Client did not present a certificate)
	by enyo.dsw2k3.info (Postfix) with ESMTP id 4DAD32C37B;
	Sat, 20 May 2006 18:28:32 +0200 (CEST)
Message-ID: <446F43AF.5060501@citd.de>
Date: Sat, 20 May 2006 18:28:31 +0200
From: Matthias Schniedermeyer <ms@citd.de>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5) Gecko/20041217 Mnenhy/0.7
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Jari Ruusu <jariruusu@users.sourceforge.net>
Cc: Info <info@acculin.com>, linux-crypto@nl.linux.org
Subject: Re: How about deniability?  (read:http://www.zdnet.co.uk/print/?TYPE=story&AT=39269746-39020330t-10000025c)
References: <20060519104921.GA6018@pit.ID-43118.user.dfncis.de>		 <446E1C10.C33745EC@users.sourceforge.net> <446EA002.2090600@acculin.com> <446F157F.DFC04AA2@users.sourceforge.net>
In-Reply-To: <446F157F.DFC04AA2@users.sourceforge.net>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at dsw2k3.info
Received-SPF: 
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: ms@citd.de
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

Jari Ruusu wrote:
> Info wrote:
> 
>>Although I will agree that this provides a great deal of security for the
>>data I don't think that it provides 'deniability'. In particular if the
>>attack consists of physical possession of the computer and an analysis of
>>the disk drive content without the attempt to boot it,
> 
> 
> After handing over the passphrase to /dev/hda2 root partition, all hard disk
> space is accounted for. Files on /dev/hda1 and /dev/hda2 are readable, and
> user can prove that programs on /dev/hda2 root partition create random
> encryption keys for /dev/hda3 and /dev/hda4 on each boot, and that user has
> no way of knowing what earlier encryption keys were on those two partitions.
> 
> 
>>and even more so if the usb key is available to the attacker.
> 
> 
> Here user insists that /dev/hda2 is the root partition. That way all hard
> disk space is accounted for. Attacker can prove existence of one small gpg
> encrypted file on USB-stick for which user has forgotten passphrase.

That just doesn't fly, e.g. when your computer is seized by the
police when you are away from home.

In a German magazine there was an article about disc duplication that
was written by someone from the police.

They NEVER would boot a computer, as it is, after they seized it.
They take out the HDD and make a backup of it and only operate on these
backups, then the computer and the original HDD(s) are locked away.
(The article was about the time and storage space it takes to make these
kinds of duplications of hard discs)

If you encrypted your computer right(tm) they won't be able to break it,
but the "self destruct" won't work either.




Bis denn

-- 
Real Programmers consider "what you see is what you get" to be just as
bad a concept in Text Editors as it is in women. No, the Real Programmer
wants a "you asked for it, you got it" text editor -- complicated,
cryptic, powerful, unforgiving, dangerous.


-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



From linux-crypto-bounce@nl.linux.org Sat May 20 18:51:51 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FhUg7-0004YQ-LZ; Sat, 20 May 2006 18:51:47 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Sat, 20 May 2006 18:51:32 +0200 (CEST)
Received: from nf-out-0910.google.com ([64.233.182.187])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FhUfY-0004Bf-PD
	for linux-crypto@nl.linux.org; Sat, 20 May 2006 18:51:12 +0200
Received: by nf-out-0910.google.com with SMTP id l23so198326nfc
        for <linux-crypto@nl.linux.org>; Sat, 20 May 2006 09:49:47 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
        s=beta; d=gmail.com;
        h=received:message-id:date:from:to:subject:mime-version:content-type;
        b=OTO84O7F6fCQgLzje6/TFtakoMyXVA0DjgT9kB/m4I3CDq2kfJ8678f8uhFamll5r+H1mwPdwNABHBB+4Z27YvFA6qivcHHfRaNMS0jhMRvrzwLuaZX46/fK7Cmrui1oFeDqUNHDtT0Es6osM2UC6QAwJXpb87O5hsXqzO7Rpvc=
Received: by 10.49.7.18 with SMTP id k18mr2358016nfi;
        Sat, 20 May 2006 09:49:47 -0700 (PDT)
Received: by 10.49.92.13 with HTTP; Sat, 20 May 2006 09:49:47 -0700 (PDT)
Message-ID: <b224d3290605200949g5e135efai7bb97763d227136d@mail.gmail.com>
Date: Sat, 20 May 2006 19:49:47 +0300
From: "Michael Garibaldi" <michaelgari@gmail.com>
To: linux-crypto@nl.linux.org
Subject: Re: How about deniability? (read:http://www.zdnet.co.uk/print/?TYPE=story&AT=39269746-39020330t-10000025c)
MIME-Version: 1.0
Content-Type: multipart/alternative; 
	boundary="----=_Part_14523_9474555.1148143787292"
Received-SPF: 
X-Spam-Level: 
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on 
	humbolt.nl.linux.org
X-Spam-Status: No, score=-0.7 required=5.0 tests=AWL,BAYES_00,HTML_00_10,
	HTML_MESSAGE,RCVD_BY_IP,RCVD_IN_BL_SPAMCOP_NET autolearn=no 
	version=3.0.1
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: michaelgari@gmail.com
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

------=_Part_14523_9474555.1148143787292
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

>> Here user insists that /dev/hda2 is the root partition. That way all hard
>> disk space is accounted for. Attacker can prove existence of one small gpg
>> encrypted file on USB-stick for which user has forgotten passphrase.
> That just doesn't fly, e.g. when your computer is seized by the
> police when you are away from home.

Obviously the police are not going to find one's USB stick on the computer,
when one is not home. The stick is ONLY used for booting and then carefully
hidden. It does not matter if the "self destruct" works or not, what matters
is that there is absolutely no reason to even suspect that a different kind
of encryption is being used on the system. It boots from the HDD and uses
all the available space, and the police will get the key that will unlock
the fake system, and that's it. As long as the USB stick is kept safe (which
should be trivial to do), they have absolutely nothing to even suggest there
being a parallel system encrypted with other keys. And as Jari pointed out,
even if they actually get the USB stick too, they really cannot prove
anything.

P.S. they may, however, be smart enough to type one's name on Google and
find out that one has been discussing this topic on this public mailing
list.

------=_Part_14523_9474555.1148143787292--

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



From linux-crypto-bounce@nl.linux.org Sat May 20 20:53:34 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FhWZu-00066W-EE; Sat, 20 May 2006 20:53:30 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Sat, 20 May 2006 20:52:53 +0200 (CEST)
Received: from enyo.dsw2k3.info ([195.71.86.239])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FhWZ1-00065Y-78
	for linux-crypto@nl.linux.org; Sat, 20 May 2006 20:52:35 +0200
Received: from localhost (localhost [127.0.0.1])
	by enyo.dsw2k3.info (Postfix) with ESMTP id D137C2C37B;
	Sat, 20 May 2006 20:52:27 +0200 (CEST)
Received: from enyo.dsw2k3.info ([127.0.0.1])
	by localhost (enyo [127.0.0.1]) (amavisd-new, port 10024) with LMTP
	id 12575-05; Sat, 20 May 2006 20:52:18 +0200 (CEST)
Received: from [192.168.100.3] (p548B3AF7.dip0.t-ipconnect.de [84.139.58.247])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(Client did not present a certificate)
	by enyo.dsw2k3.info (Postfix) with ESMTP id 4B79A2C379;
	Sat, 20 May 2006 20:52:18 +0200 (CEST)
Message-ID: <446F6561.4050904@citd.de>
Date: Sat, 20 May 2006 20:52:17 +0200
From: Matthias Schniedermeyer <ms@citd.de>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5) Gecko/20041217 Mnenhy/0.7
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Michael Garibaldi <michaelgari@gmail.com>
Cc: linux-crypto@nl.linux.org
Subject: Re: How about deniability? (read:http://www.zdnet.co.uk/print/?TYPE=story&AT=39269746-39020330t-10000025c)
References: <b224d3290605200949g5e135efai7bb97763d227136d@mail.gmail.com>
In-Reply-To: <b224d3290605200949g5e135efai7bb97763d227136d@mail.gmail.com>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at dsw2k3.info
Received-SPF: 
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: ms@citd.de
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

Michael Garibaldi wrote:
> >> Here user insists that /dev/hda2 is the root partition. That way all hard
> >> disk space is accounted for. Attacker can prove existence of one small gpg
> >> encrypted file on USB-stick for which user has forgotten passphrase.
> > That just doesn't fly, e.g. when your computer is seized by the
> > police when you are away from home.
> 
> Obviously the police are not going to find one's USB stick on the 
> computer, when one is not home. The stick is ONLY used for booting and 
> then carefully hidden. It does not matter if the "self destruct" works 
> or not, what matters is that there is absolutely no reason to even 
> suspect that a different kind of encryption is being used on the system. 
> It boots from the HDD and uses all the available space, and the police 
> will get the key that will unlock the fake system, and that's it. As 
> long as the USB stick is kept safe (which should be trivial to do), they 
> have absolutely nothing to even suggest there being a parallel system 
> encrypted with other keys. And as Jari pointed out, even if they 
> actually get the USB stick too, they really cannot prove anything.

When you don't "boot" the system, but inspect the HDD-Image from another
system, there are a few "obvious" pieces of information missing which you
had when you actually booted the system.

So for the police you would have an unencrypted "boot" partition and 3
partitions with random data.

 From the unencrypted partition you would get an indication that the
second partition contains a root-filesystem, but that's about what you
can get from the sample-setup without breaking the decryption.

So from the police-Standpoint there are 3 "unaccounted" partitions.

If you encrypted the whole HDD (including sector 0) the deniability
would be slightly better as there is no "partition" at all; you could say
that you just hadn't had time to install the computer. :-)

Or use a random region on the HDD and fill the rest with random data.
e.g. when you have a 200GB HDD, fill it with 200GB of random data and
then just use the range from e.g. 96GB-145GB.
As it shouldn't be possible to distinguish the encrypted data from the
actual random-data you would have enough room for another "container" as
a decoy.

> P.S. they may, however, be smart enough to type one's name on Google and 
> find out that one has been discussing this topic on this public mailing 
> list.

That's the drawback when you have a (AFAICS) "unique" name.

P.S.
If I'm not mistaken you aren't using your real name.




Bis denn

-- 
Real Programmers consider "what you see is what you get" to be just as
bad a concept in Text Editors as it is in women. No, the Real Programmer
wants a "you asked for it, you got it" text editor -- complicated,
cryptic, powerful, unforgiving, dangerous.


-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/
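
[Added example, not part of any message in this thread.] What an examiner who never boots the machine can measure on the image, for the two layouts discussed above: a readable boot partition followed by ciphertext, and a disk filled with random data with one range in use. The scaling (one 4096-byte chunk per GB), the SHA-256 keystream standing in for the disk cipher, the seeded random fill and all sample data are assumptions constructed for this sketch.

```python
import hashlib
import math
import random

CHUNK = 4096           # one chunk stands in for 1 GB of the 200 GB disk
DISK_CHUNKS = 200
HIDDEN = (96, 145)     # the "96GB-145GB" range from the message


def entropy(block: bytes) -> float:
    """Shannon entropy in bits per byte; 8.0 means uniformly distributed bytes."""
    counts = [0] * 256
    for b in block:
        counts[b] += 1
    n = len(block)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def random_fill(nbytes: int, seed: int) -> bytes:
    """Constructed stand-in for the random fill; seeded so every run is identical."""
    return random.Random(seed).getrandbits(8 * nbytes).to_bytes(nbytes, "little")


def toy_encrypt(plaintext: bytes, key: bytes) -> bytes:
    """XOR with a SHA-256 counter keystream (assumption: stands in for the disk cipher)."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(plaintext):
        stream += hashlib.sha256(key + counter.to_bytes(8, "little")).digest()
        counter += 1
    return bytes(p ^ s for p, s in zip(plaintext, stream))


def filesystem_like(nbytes: int) -> bytes:
    """Constructed plaintext: repetitive text followed by zero padding."""
    line = b"kernel /vmlinuz root=/dev/hda2 ro\ninitrd /initrd.gz\n"
    body = line * (nbytes // (2 * len(line)))
    return body + bytes(nbytes - len(body))


def build_partitioned() -> bytes:
    """Readable boot area (10 chunks) followed by encrypted partitions."""
    boot = filesystem_like(10 * CHUNK)
    rest = toy_encrypt(filesystem_like(190 * CHUNK), b"constructed-key-1")
    return boot + rest


def build_whole_disk() -> bytes:
    """Random fill over the whole disk, ciphertext written into the HIDDEN range."""
    disk = bytearray(random_fill(DISK_CHUNKS * CHUNK, seed=2006))
    lo, hi = HIDDEN
    disk[lo * CHUNK:hi * CHUNK] = toy_encrypt(
        filesystem_like((hi - lo) * CHUNK), b"constructed-key-2")
    return bytes(disk)


def survey(image: bytes, threshold: float = 7.9):
    """Label each chunk by entropy and merge neighbours into (start, end, label) runs."""
    runs = []
    for i in range(len(image) // CHUNK):
        chunk = image[i * CHUNK:(i + 1) * CHUNK]
        label = "random-like" if entropy(chunk) >= threshold else "structured"
        if runs and runs[-1][2] == label:
            runs[-1] = (runs[-1][0], i + 1, label)
        else:
            runs.append((i, i + 1, label))
    return runs


def mean_entropy(image: bytes, lo: int, hi: int) -> float:
    """Average per-chunk entropy over chunks lo..hi-1."""
    return sum(entropy(image[i * CHUNK:(i + 1) * CHUNK]) for i in range(lo, hi)) / (hi - lo)


if __name__ == "__main__":
    print("partitioned:", survey(build_partitioned()))
    disk = build_whole_disk()
    print("whole disk: ", survey(disk))
    print("fill   mean entropy: %.4f" % mean_entropy(disk, 0, HIDDEN[0]))
    print("in-use mean entropy: %.4f" % mean_entropy(disk, *HIDDEN))
```

The survey shows where readable data ends, but it gives no boundary between random fill and the range in use; with this statistic the examiner learns only that the space is not plaintext.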



From linux-crypto-bounce@nl.linux.org Sat May 20 20:54:53 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FhWbC-0006F3-Bo; Sat, 20 May 2006 20:54:50 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Sat, 20 May 2006 20:54:45 +0200 (CEST)
Received: from moutng.kundenserver.de ([212.227.126.188])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FhWax-0006EY-Bl
	for linux-crypto@nl.linux.org; Sat, 20 May 2006 20:54:35 +0200
Received: from [80.141.237.72] (helo=genius.thomas-weinbrenner.de)
	by mrelayeu.kundenserver.de (node=mrelayeu2) with ESMTP (Nemesis),
	id 0MKwtQ-1FhWau0eHO-0001xi; Sat, 20 May 2006 20:54:34 +0200
Received: by genius.thomas-weinbrenner.de (Postfix, from userid 1000)
	id 49EC76B672; Sat, 20 May 2006 20:54:31 +0200 (CEST)
Date: Sat, 20 May 2006 20:54:31 +0200
From: Thomas Weinbrenner <thomas@thomas-weinbrenner.de>
To: linux-crypto@nl.linux.org
Subject: Re: How about deniability? (read:http://www.zdnet.co.uk/print/?TYPE=story&AT=39269746-39020330t-10000025c)
Message-ID: <20060520185431.GA6154@genius.thomas-weinbrenner.de>
References: <b224d3290605200949g5e135efai7bb97763d227136d@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <b224d3290605200949g5e135efai7bb97763d227136d@mail.gmail.com>
User-Agent: mutt-ng/devel-r622 (Linux)
X-Provags-ID: kundenserver.de abuse@kundenserver.de login:c43fd50de372eb9ddf9578350309e3ee
Received-SPF: 
X-Spam-Level: 
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on 
	humbolt.nl.linux.org
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=no 
	version=3.0.1
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: thomas@thomas-weinbrenner.de
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

Michael Garibaldi wrote:
> Obviously the police are not going to find one's USB stick on the
> computer, when one is not home. The stick is ONLY used for booting and
> then carefully hidden. It does not matter if the "self destruct" works
> or not, what matters is that there is absolutely no reason to even
> suspect that a different kind of encryption is being used on the
> system. It boots from the HDD and uses all the available space, and
> the police will get the key that will unlock
> the fake system, and that's it. As long as the USB stick is kept safe
> (which should be trivial to do), they have absolutely nothing to even
> suggest there being a parallel system encrypted with other keys. 

The timestamps will show that the files weren't accessed for months or
even years. And there are also all those logfiles in /var/log which
include dates. I think there will be enough proof that the system
can't be the system you are normally using.

-- 
Thomas Weinbrenner

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



From linux-crypto-bounce@nl.linux.org Sun May 21 14:24:20 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Fhmyl-0005ho-Uv; Sun, 21 May 2006 14:24:16 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Sun, 21 May 2006 14:23:43 +0200 (CEST)
Received: from mail.tnnet.fi ([217.112.240.26])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Fhmy1-0005gt-3E
	for linux-crypto@nl.linux.org; Sun, 21 May 2006 14:23:29 +0200
Received: from localhost (localhost [127.0.0.1])
	by mail.tnnet.fi (Postfix) with ESMTP id 08AF13AD755;
	Sun, 21 May 2006 15:23:24 +0300 (EEST)
Received: from mail.tnnet.fi ([127.0.0.1])
 by localhost (mail [127.0.0.1]) (amavisd-new, port 10024) with ESMTP
 id 27111-14; Sun, 21 May 2006 15:23:22 +0300 (EEST)
Received: from a64.adsl.tnnet.fi (a64.adsl.tnnet.fi [217.112.242.64])
	by mail.tnnet.fi (Postfix) with ESMTP id 9A9993AD191;
	Sun, 21 May 2006 15:23:22 +0300 (EEST)
Message-ID: <44705BB9.B1EA4A97@users.sourceforge.net>
Date: Sun, 21 May 2006 15:23:21 +0300
From: Jari Ruusu <jariruusu@users.sourceforge.net>
To: Thomas Weinbrenner <thomas@thomas-weinbrenner.de>
Cc: linux-crypto@nl.linux.org
Subject: Re: How about deniability? 
 (read:http://www.zdnet.co.uk/print/?TYPE=story&AT=39269746-39020330t-10000025c)
References: <b224d3290605200949g5e135efai7bb97763d227136d@mail.gmail.com> <20060520185431.GA6154@genius.thomas-weinbrenner.de>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: amavisd-new at mail.tnnet.fi
Received-SPF: 
X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=no 
	version=3.0.1
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on 
	humbolt.nl.linux.org
X-Spam-Level: 
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: jariruusu@users.sourceforge.net
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

Thomas Weinbrenner wrote:
> The timestamps will show that the files weren't accessed for months or
> even years. And there are also all those logfiles in /var/log which
> include dates. I think there will be enough proof that the system
> can't be the system you are normally using.

Q:  Why haven't files been accessed for months?
A:  Because file system superblocks contain "noatime" default mount option.

Q:  Why aren't there any log files in /var/log/* ?
A:  Because init scripts have been modified to shred and remove /var/log/*
    and some other files and directories in /var on shutdown.

In addition, a shell script, run as cron job once a week from 'normal' root
partition /dev/hda4, does these: (1) Fsck and mount /dev/hda2 (via encrypted
loop) and /dev/hda1 partitions so that their previous fsck and mount times
are updated on their superblocks. (2) Touch some decoy files and directories
from /dev/hda2 partition.

-- 
Jari Ruusu  1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9  DB 1D EB E3 24 0E A9 DD

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



From linux-crypto-bounce@nl.linux.org Sun May 21 17:26:59 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1FhppX-0003Nl-7e; Sun, 21 May 2006 17:26:55 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Sun, 21 May 2006 17:26:16 +0200 (CEST)
Received: from enyo.dsw2k3.info ([195.71.86.239])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Fhpob-0003Mk-Ck
	for linux-crypto@nl.linux.org; Sun, 21 May 2006 17:25:57 +0200
Received: from localhost (localhost [127.0.0.1])
	by enyo.dsw2k3.info (Postfix) with ESMTP id D5E602C377;
	Sun, 21 May 2006 17:25:45 +0200 (CEST)
Received: from enyo.dsw2k3.info ([127.0.0.1])
	by localhost (enyo [127.0.0.1]) (amavisd-new, port 10024) with LMTP
	id 03490-08-5; Sun, 21 May 2006 17:25:35 +0200 (CEST)
Received: from [192.168.100.3] (p548B4AEC.dip0.t-ipconnect.de [84.139.74.236])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(Client did not present a certificate)
	by enyo.dsw2k3.info (Postfix) with ESMTP id 76F682C379;
	Sun, 21 May 2006 17:25:34 +0200 (CEST)
Message-ID: <4470866D.7040800@citd.de>
Date: Sun, 21 May 2006 17:25:33 +0200
From: Matthias Schniedermeyer <ms@citd.de>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5) Gecko/20041217 Mnenhy/0.7
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Jari Ruusu <jariruusu@users.sourceforge.net>
Cc: Thomas Weinbrenner <thomas@thomas-weinbrenner.de>,
	linux-crypto@nl.linux.org
Subject: Re: How about deniability?  (read:http://www.zdnet.co.uk/print/?TYPE=story&AT=39269746-39020330t-10000025c)
References: <b224d3290605200949g5e135efai7bb97763d227136d@mail.gmail.com> <20060520185431.GA6154@genius.thomas-weinbrenner.de> <44705BB9.B1EA4A97@users.sourceforge.net>
In-Reply-To: <44705BB9.B1EA4A97@users.sourceforge.net>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at dsw2k3.info
Received-SPF: 
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: ms@citd.de
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

Jari Ruusu wrote:
> Thomas Weinbrenner wrote:
> 
>>The timestamps will show that the files weren't accessed for months or
>>even years. And there are also all those logfiles in /var/log which
>>include dates. I think there will be enough proof that the system
>>can't be the system you are normally using.
> 
> 
> Q:  Why haven't files been accessed for months?
> A:  Because file system superblocks contain "noatime" default mount option.
> 
> Q:  Why aren't there any log files in /var/log/* ?
> A:  Because init scripts have been modified to shred and remove /var/log/*
>     and some other files and directories in /var on shutdown.
> 
> In addition, a shell script, run as cron job once a week from 'normal' root
> partition /dev/hda4, does these: (1) Fsck and mount /dev/hda2 (via encrypted
> loop) and /dev/hda1 partitions so that their previous fsck and mount times
> are updated on their superblocks. (2) Touch some decoy files and directories
> from /dev/hda2 partition.

That wouldn't work in the police-case, when the computer was switched on
when seized, or when you can recover the "real" time of last use.
For perfect deniability you would have to update the "decoy" system
continuously, when the real-system is used.

Or you could configure syslog to "/dev/null" everything, or switch off
syslog entirely.
OTOH it would be "fishy" if only the system-parts that provide
time-information were missing, even if they are by definition unusable as PROOF.

Otherwise you could still somewhat prove that the "decoy" system wasn't
the one running when the computer was switched off (as you have the
switch-off "timestamp").

But if one doesn't need 100% deniability: In an article about
warez-servers I read that at least once they encountered a server that
was 100% "on the fly" configured.
The whole system was on ramdisk(/ramfs/tmpfs). After switching off there
was nothing left, except a bootstrap barebone-system on HDD(*).

A loop-aes-partition with random-key would be equally secure, when
switched off if configured "on-the-fly" the key would be unrecoverable.
Only the work and time needed to get the system flying the first time
and every time it is rebooted, for whatever reason, seems a bit much. ;-)



*: The "root"-servers I worked with allow to be booted via network into
a "rescue"-system.
This way even the HDD isn't needed to bootstrap the server.

Bis denn

-- 
Real Programmers consider "what you see is what you get" to be just as
bad a concept in Text Editors as it is in women. No, the Real Programmer
wants a "you asked for it, you got it" text editor -- complicated,
cryptic, powerful, unforgiving, dangerous.


-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/
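
[Added example, not part of any message in this thread.] The timestamp argument from the last three messages as a forensic check: read the last-mount, last-write and last-fsck times from an ext2 superblock on a decrypted image and compare them with an independently known time of last use. The field offsets follow the ext2 on-disk layout; the sample superblocks, the dates and the 24-hour session window are constructed assumptions.

```python
import struct
from datetime import datetime, timezone

SUPERBLOCK_OFFSET = 1024   # the ext2 superblock starts 1024 bytes into the partition
EXT2_MAGIC = 0xEF53


def utc(year, month, day, hour=0, minute=0) -> int:
    """Helper for the constructed samples: UTC calendar time to Unix seconds."""
    return int(datetime(year, month, day, hour, minute, tzinfo=timezone.utc).timestamp())


def make_sample(mtime, wtime, lastcheck, mnt_count=12, magic=EXT2_MAGIC) -> bytes:
    """Constructed partition start: zeroed except for the superblock fields read below."""
    image = bytearray(SUPERBLOCK_OFFSET + 1024)
    # offset 44: s_mtime, s_wtime, s_mnt_count, s_max_mnt_count, s_magic, s_state
    struct.pack_into("<IIHhHH", image, SUPERBLOCK_OFFSET + 44,
                     mtime, wtime, mnt_count, 30, magic, 1)
    struct.pack_into("<I", image, SUPERBLOCK_OFFSET + 64, lastcheck)  # s_lastcheck
    return bytes(image)


def parse_superblock(image: bytes) -> dict:
    """Extract the time-bearing superblock fields; reject data without the ext2 magic."""
    sb = image[SUPERBLOCK_OFFSET:SUPERBLOCK_OFFSET + 1024]
    if len(sb) < 68:
        raise ValueError("image too short to hold an ext2 superblock")
    mtime, wtime, mnt_count, _max_mnt, magic, state = struct.unpack_from("<IIHhHH", sb, 44)
    if magic != EXT2_MAGIC:
        raise ValueError("no ext2 magic (still encrypted, or not ext2)")
    (lastcheck,) = struct.unpack_from("<I", sb, 64)
    return {
        "last_mount": mtime,
        "last_write": wtime,
        "last_fsck": lastcheck,
        "mount_count": mnt_count,
        "clean": bool(state & 0x0001),   # EXT2_VALID_FS: cleanly unmounted
    }


def stale_fields(sb: dict, last_known_use: int, max_session: int = 86400) -> dict:
    """Seconds by which last mount/write precede last_known_use, if more than max_session.

    A filesystem that served as root during the final session should have been
    mounted and written within that session; max_session is the assumed upper
    bound on its length.
    """
    gaps = {}
    for field in ("last_mount", "last_write"):
        gap = last_known_use - sb[field]
        if gap > max_session:
            gaps[field] = gap
    return gaps


def describe(ts: int) -> str:
    """Format Unix seconds as a UTC timestamp for the report."""
    return datetime.fromtimestamp(ts, timezone.utc).strftime("%Y-%m-%d %H:%M UTC")


if __name__ == "__main__":
    # Constructed case: decoy root last touched by a weekly job on 14 May,
    # machine known to have been in use on 20 May.
    decoy = parse_superblock(make_sample(utc(2006, 5, 14, 3, 0),
                                         utc(2006, 5, 14, 3, 1),
                                         utc(2006, 5, 14, 3, 0)))
    last_use = utc(2006, 5, 20, 18, 0)
    print("last mount:", describe(decoy["last_mount"]))
    print("last use:  ", describe(last_use))
    for field, gap in stale_fields(decoy, last_use).items():
        print("%s is %.1f days older than the last known use" % (field, gap / 86400))
```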



From linux-crypto-bounce@nl.linux.org Thu May 25 02:33:14 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Fj3mo-0001HO-Ll; Thu, 25 May 2006 02:33:10 +0200
Received: with ECARTIS (v1.0.0; list linux-crypto); Thu, 25 May 2006 02:32:32 +0200 (CEST)
Received: from ms-1.rz.rwth-aachen.de ([134.130.3.130] helo=ms-dienst.rz.rwth-aachen.de)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Fj3er-0000rs-UL
	for linux-crypto@nl.linux.org; Thu, 25 May 2006 02:24:57 +0200
Received: from circe (circe.rz.RWTH-Aachen.DE [134.130.3.36])
 by ms-dienst.rz.rwth-aachen.de
 (iPlanet Messaging Server 5.2 Patch 2 (built Jul 14 2004))
 with ESMTP id <0IZS00HF7P5FO5@ms-dienst.rz.rwth-aachen.de> for
 linux-crypto@nl.linux.org; Thu, 25 May 2006 02:24:51 +0200 (MEST)
Received: from talos.rz.RWTH-Aachen.DE ([134.130.3.22])
	by circe (MailMonitor for SMTP v1.2.2 ) ; Thu,
 25 May 2006 02:24:51 +0200 (MEST)
Received: from enterprise.ram.rwth-aachen.de
 (enterprise.ram.RWTH-Aachen.DE [137.226.68.2])	by smarthost.rwth-aachen.de
 (8.13.1/8.13.1/1) with ESMTP id k4P0Opck012393	for
 <linux-crypto@nl.linux.org>; Thu, 25 May 2006 02:24:51 +0200
Received: from localhost (localhost [127.0.0.1])
	by enterprise.ram.rwth-aachen.de (Postfix) with ESMTP id 1396C5B779	for
 <linux-crypto@nl.linux.org>; Thu, 25 May 2006 02:24:51 +0200 (CEST)
Received: from enterprise.ram.rwth-aachen.de ([127.0.0.1])
	by localhost (enterprise [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id 19769-01 for <linux-crypto@nl.linux.org>; Thu,
 25 May 2006 02:24:50 +0200 (CEST)
Received: from tatooine.rebelbase.local
 (wintergate.ram.rwth-aachen.de [137.226.69.158])
	by enterprise.ram.rwth-aachen.de (Postfix) with ESMTP id 8A0555B775	for
 <linux-crypto@nl.linux.org>; Thu, 25 May 2006 02:24:50 +0200 (CEST)
Received: by tatooine.rebelbase.local (Postfix, from userid 500)
	id 97F096A845; Thu, 25 May 2006 02:24:49 +0200 (CEST)
Date: Thu, 25 May 2006 02:24:49 +0200
From: markus reichelt <ml@mareichelt.de>
Subject: Benchmarks VIA PadLock
To: linux-crypto@nl.linux.org
Mail-followup-to: linux-crypto@nl.linux.org
Message-id: <20060525002449.GJ9829@dantooine>
Organization: still stuck in reorganization mode
MIME-version: 1.0
Content-type: multipart/signed; boundary="4C6bbPZ6c/S1npyF";
 protocol="application/pgp-signature"; micalg=pgp-sha1
Content-disposition: inline
User-Agent: Mutt/1.5.11
X-PGP-Key: 0xC2A3FEE4
X-PGP-Fingerprint: FFB8 E22F D2BC 0488 3D56  F672 2CCC 933B C2A3 FEE4
X-Request-PGP: http://mareichelt.de/keys/c2a3fee4.asc
X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at
 enterprise.ram.rwth-aachen.de
Received-SPF: 
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: ml@mareichelt.de
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-