From owner-freebsd-hackers@FreeBSD.ORG Fri Mar 4 00:49:04 2005
From: "Perry E. Metzger"
To: "Poul-Henning Kamp"
cc: ALeine, tech-security@NetBSD.org, elric@imrryr.org, hackers@freebsd.org, ticso@cicely.de
Date: Thu, 03 Mar 2005 19:49:03 -0500
Subject: Re: FUD about CGD and GBDE
Message-ID: <877jkogrr4.fsf@snark.piermont.com>
In-Reply-To: <12467.1109893619@critter.freebsd.dk> (Poul-Henning Kamp's message of "Fri, 04 Mar 2005 00:46:59 +0100")
References: <12467.1109893619@critter.freebsd.dk>

"Poul-Henning Kamp" writes:

> In message <87d5ugi9ht.fsf@snark.piermont.com>, "Perry E. Metzger" writes:
>>> MD5 was believed to be heavily understood in literature. It was
>>> well established. Look at what happened to it.
>>
>> Yup. And Roland made the algorithm you use for encrypting your disk
>> *pluggable*. That way, if AES is broken, you can replace it with the
>> next big thing and move on with your life.
>>
>> Now, if AES is indeed broken, GBDE is in serious trouble, but CGD is
>> not. Specific users of CGD have to change their drives, but the
>> framework continues to work as advertised.
>
> Gee Perry, now you're spreading FUD.
>
> You know perfectly well that it would take less than one hour to
> substitute another algorithm in the GBDE source code.

But you aren't built for that from the get-go. I would strongly suggest
you change that -- make your cipher a user-configurable component.

I also very strongly suggest that the biggest real threat you face isn't
someone cracking AES but key management issues. CGD is in some sense
largely a framework for letting you do all sorts of neat things with key
management in a disk encryption context. You may want to add similar
features -- the most practical attack against your system as it stands
is a dictionary attack.

-- 
Perry E. Metzger		perry@piermont.com