Date: Thu, 03 Mar 2005 15:52:48 -0500 From: "Perry E. Metzger" <perry@piermont.com> To: "Poul-Henning Kamp" <phk@phk.freebsd.dk> Cc: ticso@cicely.de Subject: Re: FUD about CGD and GBDE Message-ID: <87y8d4ih9b.fsf@snark.piermont.com> In-Reply-To: <10983.1109882590@critter.freebsd.dk> (Poul-Henning Kamp's message of "Thu, 03 Mar 2005 21:43:10 %2B0100") References: <10983.1109882590@critter.freebsd.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
"Poul-Henning Kamp" <phk@phk.freebsd.dk> writes: > In message <Pine.NEB.4.62.0503031436160.12890@server.duh.org>, Todd Vierling writes: >>On Thu, 3 Mar 2005, Poul-Henning Kamp wrote: >> >>> At the time where I wrote GBDE, the best that was offered was CGD (and >>> similar) and users (not cryptographers!) didn't trust it >> >>Could you back up this claim, insofar that "users" did not trust cgd? I >>haven't seen any distrust of cgd -- in fact, I've seen quite a bit of >>welcome acceptace of cgd by both users *and* cryptographers. > > Some of the people I talked to were very unhappy about the same key > being used for all sectors on the disk. Now, was that in the first day after cgd was committed or the second? As I recall, you committed GBDE 48 hours after CGD was committed in NetBSD. I'd be curious to hear about how much you changed your design in that period in response to feedback on cgd. (Please correct me if I'm wrong about the time gap.) However: > Some of the people I talked to were very unhappy about the same key > being used for all sectors on the disk. Even a small weakness in > the cipher becomes a big hole because of the amount of data this > offers for analysis. I think we've already established that this fear, though understandable, is not a reasonable one under the circumstances. See several postings already made. You are better off just using AES with a longer key than the GBDE mechanism. Perry
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?87y8d4ih9b.fsf>