Ian Sterling wrote:
> But, it seems to me that being able to have a different IV for
> each filesystem would be a good thing, but having it depend on something
> as volatile as sector of the disk, seems bad.
It's not the sector of the _disk_. It's the requested sector
of the loop device. The requested sector is just another
encoding of the requested offset within the loop device.
It is completely independent of the underlying medium, on
which the data is hosted.
> What about the first block of the underlying file holding an IV?
The idea is, not to use an IV per file system or file or ...
but per sector (or more general a unit of encrypted data.)
The reason for this is that if you don't use this scheme similar
sectors will be encrypted similar. By comparing sectors you
can tell when sectors are identical without knowing anything
about the used cipher.
so long
Ingo
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Oct 15 2000 - 21:00:27 EST