Re: [PATCH] Delete cryptoloop

[Marc Ballarin]

Fruhwirth Clemens <clemens-dated-1091625872.c783 <at> endorphin.org> writes: 
 
>  
> On Sun, 2004-07-25 at 13:42, Jari Ruusu wrote: 
> > Fruhwirth Clemens wrote: 
> > > Second, modern ciphers like Twofish || AES are designed to resist 
> > > known-plaintext attacks. This is basically the FUD spread by Jari Rusuu. 
> >  
> > Ciphers are good, but both cryptoloop and dm-crypt use ciphers in insecure 
> > and exploitable way. 
> >  
> > This is not FUD. Fruhwirth, did you even try run the exploit code? 
> >  
> > http://marc.theaimsgroup.com/?l=linux-kernel&m=107719798631935&w=2 
>  
> There is no use in running your code. It does not decipher any block 
> without the proper key. Where is the exploit?  
>  
 
Well, the obvious flaw is that an attacker can detect the presence of a 
watermarked file on an encrypted volume. This is not about decrypting files, 
merely proving their existence. 
 
Wheter this can be called an exploit does not matter. It definitely is a major 
hole. 
 
Marc 
 
 

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/