Date: Thu, 4 May 2000 13:20:12 -0500 (EST) From: "Andrew J. Korty" <ajk@iu.edu> To: Mark Murray <mark@grondar.za> Cc: Matthew Dillon <dillon@apollo.backplane.com>, security@FreeBSD.ORG Subject: Re: Cryptographic dump(8) Message-ID: <Pine.BSF.4.21.0005041318270.26492-100000@verbal.uits.iupui.edu> In-Reply-To: <200005040628.IAA05648@grimreaper.grondar.za>
next in thread | previous in thread | raw e-mail | index | archive | help
> > Store something like this in the header: > > [ Good stuff snipped. ] > > > Storing a random sequence in the header that is MD5'd as well as > > encrypted is very important because otherwise someone trying to break > > the encryption can 'guess' at what the contents of the header was in > > order to try to reverse-engineer the encryption. > > Yes! It is _very_ important that the random number is cryptographically > secure, ant that it is first, so as to maximise the security of the block > cipher. It is also important to use one of the "feedback" modes, to spread > the entropy over the whole block, seeing that this block is of paramount > importance. I was under the impression that the CBC mode would also propagate this entry throughout the block. Must I use one of the feedback modes? -- Andrew J. Korty, Lead Security Engineer Office of the Vice President for Information Technology Indiana University To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0005041318270.26492-100000>