Date: Thu, 03 Mar 2005 19:49:03 -0500
From: "Perry E. Metzger" <perry@piermont.com>
To: "Poul-Henning Kamp" <phk@phk.freebsd.dk>
Cc: ticso@cicely.de
Subject: Re: FUD about CGD and GBDE
Message-ID: <877jkogrr4.fsf@snark.piermont.com>
In-Reply-To: <12467.1109893619@critter.freebsd.dk> (Poul-Henning Kamp's message of "Fri, 04 Mar 2005 00:46:59 +0100")
References: <12467.1109893619@critter.freebsd.dk>
"Poul-Henning Kamp" <phk@phk.freebsd.dk> writes:

> In message <87d5ugi9ht.fsf@snark.piermont.com>, "Perry E. Metzger" writes:
>>> MD5 was believed to be heavily understood in literature. It was
>>> well established. Look at what happened to it.
>>
>> Yup. And Roland made the algorithm you use for encrypting your disk
>> *pluggable*. That way, if AES is broken, you can replace it with the
>> next big thing and move on with your life.
>>
>> Now, if AES is indeed broken, GBDE is in serious trouble, but CGD is
>> not. Specific users of CGD have to change their drives, but the
>> framework continues to work as advertised.
>
> Gee Perry, now you're spreading FUD.
>
> You know perfectly well that it would take less than one hour to
> substitute another algorithm in the GBDE source code.

But you aren't built for that from the get-go. I would strongly suggest
you change that -- make your cipher a user-configurable component.

I also very strongly suggest that the biggest real threat you face isn't
someone cracking AES but key management issues. CGD is in some sense
largely a framework for letting you do all sorts of neat things with key
management in a disk encryption context. You may want to add similar
features -- the most practical attack against your system as it stands
is a dictionary attack.

-- 
Perry E. Metzger		perry@piermont.com
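The two design points argued above, a cipher selected by name rather than hard-wired and a passphrase key-setup whose only defence against an offline dictionary attack is its work factor, as an added illustration that is not code from CGD, GBDE or either author. The cipher registry, parameter record, check-value scheme and iteration counts are all assumptions constructed for this example, and the actual sector cipher is left out.

```python
import hashlib
import hmac
import secrets

# Assumed registry of pluggable ciphers: name -> key length in bytes.
# Constructed for this example; it is not CGD's or GBDE's parameter format.
CIPHERS = {"aes-cbc-128": 16, "aes-cbc-256": 32, "3des-cbc": 24}

# Constant message whose HMAC under the derived key is stored as a check
# value, so a wrong passphrase is rejected before any sector is touched.
CHECK_MSG = b"disk-key-check"


def derive_key(passphrase: str, salt: bytes, iterations: int, cipher: str) -> bytes:
    """Derive the disk key from a passphrase with PBKDF2-HMAC-SHA256.
    The cipher name only selects the key length, so swapping the cipher
    never touches the key-management path."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt,
                               iterations, CIPHERS[cipher])


def make_params(passphrase: str, cipher: str = "aes-cbc-256",
                iterations: int = 200_000) -> dict:
    """Build the on-disk parameter record: everything except the passphrase."""
    salt = secrets.token_bytes(16)
    key = derive_key(passphrase, salt, iterations, cipher)
    return {"cipher": cipher, "salt": salt, "iterations": iterations,
            "check": hmac.new(key, CHECK_MSG, "sha256").digest()}


def unlock(params: dict, passphrase: str):
    """Return the disk key for a correct passphrase, else None."""
    key = derive_key(passphrase, params["salt"], params["iterations"], params["cipher"])
    candidate = hmac.new(key, CHECK_MSG, "sha256").digest()
    return key if hmac.compare_digest(candidate, params["check"]) else None


def switch_cipher(params: dict, passphrase: str, new_cipher: str) -> dict:
    """Re-key under a different cipher (e.g. after the old one is broken).
    Only the name changes; salt, KDF and check value are regenerated the same way."""
    if unlock(params, passphrase) is None:
        raise ValueError("passphrase does not match existing parameters")
    return make_params(passphrase, new_cipher, params["iterations"])


def offline_guess_cost(params: dict, wordlist_size: int) -> int:
    """PBKDF2 inner-hash evaluations needed to test every wordlist entry
    against the stored check value. The salt stops precomputation; only the
    iteration count raises the per-guess cost, so this is the defender's knob."""
    return wordlist_size * params["iterations"]
```

Raising `iterations` is the only parameter here that makes each offline guess more expensive; a hard-coded cipher does nothing for that threat.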
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?877jkogrr4.fsf>