
Re: [ANNOUNCE] ROCKate Tor LiveCD V0.4.0.0



On 6/21/07, Benjamin Schieder <blindcoder@xxxxxxxxxxxxxxxxxxxx> wrote:
...
> Key management is an implementation detail and should be of no concern
> to ROCKate users.

right.  but this means more work for you (to manage loop-aes keys) as
luks makes things simple(r) already. :)


> > 1. cryptoloop, dm-crypt, bestcrypt, truecrypt, and loop-aes  - Why
> > cryptoloop should not be used.
> >    http://mareichelt.de/pub/texts.cryptoloop.php
>
> Last update is over a year old. Which parts do apply to today's kernel?

all of the statements are current for the most part. the author
updated relevant sections to name versions where the watermarking /
plain-text attack issues were fixed in truecrypt / dm-crypt.

dm-crypt still exposes more information than is desired during partial
block updates. (change the last bit in a loop-aes 512byte block and
you get a new block.  dm-crypt just updates the last cipher block
sized portion at the end of the 512 block - 16 bytes)

overall, any of them are a pretty good choice.  the crypto will be the
last thing an adversary tries to attack here, so your key management
and user clue will be the crux.

key scrubbing and robust key schedule (less data is encrypted per key
than the others) for loop-aes multi-v3 may provide a useful benefit
depending on your needs...

best regards,
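
The partial-block-update difference described in the message above, as an added example that is not part of the original post. It uses a toy Feistel cipher as a stand-in for AES (not secure) in CBC mode, and compares an IV taken from the sector number with a simplified model of a plaintext-derived IV; that model of loop-AES multi-key mode, the function names, the key and the sample sector are assumptions constructed for illustration.

```python
import hashlib

BLOCK, SECTOR = 16, 512  # cipher block size and disk sector size, in bytes

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def toy_encrypt_block(key, block):
    # 4-round Feistel permutation on 16 bytes: a stand-in for AES, NOT secure.
    l, r = block[:8], block[8:]
    for rnd in range(4):
        l, r = r, xor(l, hashlib.sha256(key + bytes([rnd]) + r).digest()[:8])
    return l + r

def cbc_encrypt_sector(key, iv, plaintext):
    out, prev = [], iv
    for i in range(0, SECTOR, BLOCK):
        prev = toy_encrypt_block(key, xor(plaintext[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)

def sector_number_iv(sector_no, plaintext):
    # IV depends only on the sector position, never on the data written.
    return sector_no.to_bytes(BLOCK, "little")

def plaintext_derived_iv(sector_no, plaintext):
    # Assumed, simplified model: IV = MD5(sector number + plaintext blocks 2..32),
    # so any change in those blocks changes the IV for the whole sector.
    return hashlib.md5(sector_no.to_bytes(8, "little") + plaintext[BLOCK:]).digest()

def changed_blocks(iv_fn, key, sector_no, before, after):
    # Indices of 16-byte ciphertext blocks that differ between two sector writes.
    c1 = cbc_encrypt_sector(key, iv_fn(sector_no, before), before)
    c2 = cbc_encrypt_sector(key, iv_fn(sector_no, after), after)
    return [i // BLOCK for i in range(0, SECTOR, BLOCK) if c1[i:i + BLOCK] != c2[i:i + BLOCK]]

KEY = b"constructed demo key"
BEFORE = bytes(SECTOR)            # constructed sample sector: all zero bytes
AFTER = BEFORE[:-1] + b"\x01"     # same sector with only its last bit changed

if __name__ == "__main__":
    print("sector-number IV:    ", changed_blocks(sector_number_iv, KEY, 7, BEFORE, AFTER))
    print("plaintext-derived IV:", changed_blocks(plaintext_derived_iv, KEY, 7, BEFORE, AFTER))
```

An observer comparing two snapshots of the ciphertext sees which 16-byte block was touched in the first case and only that the sector changed in the second.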