Re: [PATCH/proposal] dm-crypt: add digest-based iv generation mode

[Jean-Luc Cooke]

On Fri, Feb 20, 2004 at 07:53:41PM +0100, Christophe Saout wrote:
> On Fri, Feb 20, 2004 at 12:14:27PM -0500, Jean-Luc Cooke wrote:
> 
> > > > It simply hashes the sector number and the key and uses it as IV.
> > > > 
> > > > You can specify the encryption mode as "cipher-digest" like aes-md5 or
> > > > serpent-sha1 or some other combination.
> > 
> > As for naming the cipher-hash as "aes-sha256", why not just go all the way
> > and specify the mode of operation as well?
> > 
> > cipher-hash-modeop example: aes-sha256-cbc
> 
> The plan was to du <cipher>-<iv mode> where <iv mode> can be
> ecb (well, no IV at all), plain (unhashed sector number) or a
> digest (hmac_key sector number). CBC mode is implicit when you
> have some kind of IV generation. Everything else doesn't make
> sense and would be redundant. CFB and CTR are not implemented
> by cryptoloop BTW.

jlcooke:~/kern/linux-2.6.1/crypto$ grep CTR *.c
cipher.c:       case CRYPTO_TFM_MODE_CTR:
grep CFB *.c
cipher.c:       case CRYPTO_TFM_MODE_CFB:

It should be I wrote it...the crypto part anyways.

> > As for hashing the hey etc.  You should be using HMAC for that.
> >   Christophe - would you like to change your patch to use HMACs?
> 
> Yes, I alread got that suggestion.

Ok good then thanks.

JLC

-- 
http://www.certainkey.com
Suite 4560 CTTC
1125 Colonel By Dr.
Ottawa ON, K1S 5B6
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/