Date: Thu, 04 May 2000 22:22:23 +0200 From: Mark Murray <mark@grondar.za> To: "Andrew J. Korty" <ajk@iu.edu> Cc: security@FreeBSD.ORG Subject: Re: Cryptographic dump(8) Message-ID: <200005042022.WAA07642@grimreaper.grondar.za> In-Reply-To: <Pine.BSF.4.21.0005041323480.26511-100000@verbal.uits.iupui.edu> ; from "Andrew J. Korty" <ajk@iu.edu> "Thu, 04 May 2000 13:31:15 EST." References: <Pine.BSF.4.21.0005041323480.26511-100000@verbal.uits.iupui.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
> I'm starting to second guess this decision, since an attacker could > get inode numbers from the cleartext headers and perform known-text > attacks by guessing which binaries have those inode numbers. You are thinking about this in very much the right way! :-) > If I need to put the random string at the beginning of the header, > then we're throwing the old file format out the window anyway, so > I might as well encrypt everything. ...Unless you could flag it in some creative way "the rest of this is encrypted; sod off"? > The reason for the separation is so that one corrupted block does > not render the entire tape useless. Could you break it in a way that would not compromise the crypto; that is break the stream at ${count} ${units}, rather than at "logical" boundaries, in such a way that the stream can be recovered at some point at the expense of maybe losing a ${block} if it contains a corruption? M -- Mark Murray Join the anti-SPAM movement: http://www.cauce.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200005042022.WAA07642>