Re: [PATCH encrypted swsusp 1/3] core functionality
From: folkert
Date: Mon Apr 11 2005 - 06:43:13 EST
> > > > The following patch adds the core functionality for the encrypted
> > > > suspend image.
> > > [Please inline patches, it makes it easier to comment on them.]
> > > You seem to reuse same key/iv for all the blocks. I'm no crypto
> > > expert, but I think that is seriously wrong... You probably should use
> > > block number as a IV or something like that.
> > Or use a feedback loop: xor your data with the outcome of the previous
> > round. And for the initial block use 0x00...00 for 'previous block'-
> > value.
> I'd like to retain ability to read suspend image in any order (so that
> code can be reused for swap encryption, etc).
In that case: encrypt the blocknumber with the key, and then use the
outcome as IV for the encryption of the data. Or calculate a hash over the
blocknumber and use the outcome of that as IV. Don't use the blocknumer
directly.
Folkert van Heusden
Auto te koop, zie: http://www.vanheusden.com/daihatsu.php
Op zoek naar een IT of Finance baan? Mail me voor de mogelijkheden.
--------------------------------------------------------------------
UNIX admin? Then give MultiTail (http://vanheusden.com/multitail/)
a try, it brings monitoring logfiles to a different level! See
http://vanheusden.com/multitail/features.html for a feature-list.
--------------------------------------------------------------------
Phone: +31-6-41278122, PGP-key: 1F28D8AE
Get your PGP/GPG key signed at www.biglumber.com!
Attachment:
signature.asc
Description: Digital signature