Date: Mon, 27 May 2002 10:31:14 +0100 From: Doug Rabson <dfr@nlsystems.com> To: Poul-Henning Kamp <phk@FreeBSD.org>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/conf files src/sys/geom geom_aes.c Message-ID: <200205271031.15065.dfr@nlsystems.com> In-Reply-To: <200205261814.g4QIEdg85920@freefall.freebsd.org> References: <200205261814.g4QIEdg85920@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sunday 26 May 2002 7:14 pm, Poul-Henning Kamp wrote: > phk 2002/05/26 11:14:38 PDT > > Modified files: > sys/conf files > Added files: > sys/geom geom_aes.c > Log: > Add a proof-of-concept encryption class. > > "The only hard problem in cryptography is key-management." > > All sectors are encrypted with AES in CBC mode using a constant key, > currently compiled in and all zero. Isn't this a bit pointless. The on-disk data structures are so predictabl= e=20 that you have any number of known-plaintext attacks against this. The onl= y=20 point to encryption at this level is to protect data against physical acc= ess=20 to the drive and this doesn't seem to be able to do that... --=20 Doug Rabson=09=09=09=09Mail: dfr@nlsystems.com =09=09=09=09=09Phone: +44 20 8348 6160 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200205271031.15065.dfr>