Date: Thu, 04 May 2000 08:35:13 +0200 From: Mark Murray <mark@grondar.za> To: "Andrew J. Korty" <ajk@iu.edu> Cc: Matthew Dillon <dillon@apollo.backplane.com>, security@FreeBSD.ORG Subject: Re: Cryptographic dump(8) Message-ID: <200005040635.IAA05693@grimreaper.grondar.za> In-Reply-To: <Pine.BSF.4.21.0005031329440.21805-100000@kobayashi.uits.iupui.edu> ; from "Andrew J. Korty" <ajk@iu.edu> "Wed, 03 May 2000 13:39:26 EST." References: <Pine.BSF.4.21.0005031329440.21805-100000@kobayashi.uits.iupui.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
> That sounds good, but I should probably leave the very first > header as cleartext. That way, I can put a flag there to tell > restore whether or not this tape is encrypted or not. Fair enough. > > Also, putting a random number in each block is important if each block > > is separately encrypted, for the same reason. > > Would it be acceptable to encrypt the header and block together > but each header/block pair separately? I don't think I have room > to add anything in the block, so maybe I could get that randomness > from what I add to the header (CBC should propagate it a little). The more you separate, the better chance you give for certain types of attacks; you are not giving much at all, but you are adding a tiny weakness. Attackers can use anything "known" about the structure of the data, and you are giving them the boundaries. M -- Mark Murray Join the anti-SPAM movement: http://www.cauce.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200005040635.IAA05693>