Date: Mon, 27 May 2002 10:31:14 +0100 From: Doug Rabson <dfr@nlsystems.com> To: Poul-Henning Kamp <phk@FreeBSD.org>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/conf files src/sys/geom geom_aes.c Message-ID: <200205271031.15065.dfr@nlsystems.com> In-Reply-To: <200205261814.g4QIEdg85920@freefall.freebsd.org> References: <200205261814.g4QIEdg85920@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sunday 26 May 2002 7:14 pm, Poul-Henning Kamp wrote: > phk 2002/05/26 11:14:38 PDT > > Modified files: > sys/conf files > Added files: > sys/geom geom_aes.c > Log: > Add a proof-of-concept encryption class. > > "The only hard problem in cryptography is key-management." > > All sectors are encrypted with AES in CBC mode using a constant key, > currently compiled in and all zero. Isn't this a bit pointless. The on-disk data structures are so predictable that you have any number of known-plaintext attacks against this. The only point to encryption at this level is to protect data against physical access to the drive and this doesn't seem to be able to do that... -- Doug Rabson Mail: dfr@nlsystems.com Phone: +44 20 8348 6160 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200205271031.15065.dfr>