Date: Wed, 3 May 2000 14:04:02 -0700 (PDT) From: Matthew Dillon <dillon@apollo.backplane.com> To: "Andrew J. Korty" <ajk@iu.edu> Cc: security@FreeBSD.ORG Subject: Re: Cryptographic dump(8) Message-ID: <200005032104.OAA64975@apollo.backplane.com> References: <Pine.BSF.4.21.0005031329440.21805-100000@kobayashi.uits.iupui.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
:That sounds good, but I should probably leave the very first
:header as cleartext. That way, I can put a flag there to tell
:restore whether or not this tape is encrypted or not.
:
:> Also, putting a random number in each block is important if each block
:> is separately encrypted, for the same reason.
:
:Would it be acceptable to encrypt the header and block together
:but each header/block pair separately? I don't think I have room
:to add anything in the block, so maybe I could get that randomness
:from what I add to the header (CBC should propagate it a little).
:
:--
:Andrew J. Korty, Lead Security Engineer
:Office of the Vice President for Information Technology
:Indiana University
Maybe. I don't know. Random is always best but it
would probably be acceptable to seed the encryption of
later blocks with data from the original header.
-Matt
Matthew Dillon
<dillon@backplane.com>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200005032104.OAA64975>