From: "Perry E. Metzger"
To: "Poul-Henning Kamp"
cc: ALeine
cc: elric@imrryr.org
cc: Todd Vierling
cc: hackers@freebsd.org
cc: tech-security@NetBSD.org
cc: ticso@cicely.de
Subject: Re: FUD about CGD and GBDE
Date: Thu, 03 Mar 2005 15:52:48 -0500
Message-ID: <87y8d4ih9b.fsf@snark.piermont.com>
In-Reply-To: <10983.1109882590@critter.freebsd.dk> (Poul-Henning Kamp's message of "Thu, 03 Mar 2005 21:43:10 +0100")

"Poul-Henning Kamp" writes:
> In message , Todd Vierling writes:
>>On Thu, 3 Mar 2005, Poul-Henning Kamp wrote:
>>
>>> At the time where I wrote GBDE, the best that was offered was CGD (and
>>> similar) and users (not cryptographers!) didn't trust it
>>
>>Could you back up this claim, insofar that "users" did not trust cgd? I
>>haven't seen any distrust of cgd -- in fact, I've seen quite a bit of
>>welcome acceptance of cgd by both users *and* cryptographers.
>
> Some of the people I talked to were very unhappy about the same key
> being used for all sectors on the disk.

Now, was that in the first day after cgd was committed or the second?
As I recall, you committed GBDE 48 hours after CGD was committed in
NetBSD. I'd be curious to hear about how much you changed your design
in that period in response to feedback on cgd. (Please correct me if
I'm wrong about the time gap.)

However:

> Some of the people I talked to were very unhappy about the same key
> being used for all sectors on the disk. Even a small weakness in
> the cipher becomes a big hole because of the amount of data this
> offers for analysis.

I think we've already established that this fear, though
understandable, is not a reasonable one under the circumstances. See
several postings already made. You are better off just using AES with
a longer key than the GBDE mechanism.

Perry