Date: Wed, 10 May 2000 11:55:10 +0400 (MSD) From: Andrey Sverdlichenko <blaze@infosec.ru> To: security@FreeBSD.ORG Subject: Re: Cryptographic dump(8) Message-ID: <Pine.BSF.4.20.0005101146540.1834-100000@blaze> In-Reply-To: <Pine.BSF.3.96.1000508224013.5152A-100000@haldjas.folklore.ee>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 8 May 2000, Narvi wrote: > Another thing to consider (and I am yet to see it in this discussion): > > Say a block relatively in the beginning of the dump gets read off > the tape corrupted. Any encryption scheme in which such means that > the entire dump is worthless is less than satisfactory in most > environments. Correct me if i'm wrong, but error in cipher block this will break just a corrupted block in CFB mode, this and next blocks in OFB and CBC modes. The rest of dump will be ok and, because of dump block is usually much bigger than cipher block, error will not spread at all, even if entire dump encrypted on single key and IV. -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GIT d- s+:- a-- C++ UB++$ P+ L+ E- W+ N++ o? K? w-- O- M- V? PS+ PE+ Y+ PGP+ t 5+ X R tv b++(+++) DI? D++ G e++ h r- y ------END GEEK CODE BLOCK------ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.20.0005101146540.1834-100000>