This looks good, but has a major pitfall: there are documented options
to set the various modes (CBC, CFB etc.) but they are not implemented
at all, the device accepts them but always uses ECB. I found this
while paranoia-checking the ciphertext and saw large chunks of
repeating 8-byte sequences. As we all know, this gives the first step
towards mounting known plainext attacks.
So _please_ when publishing stuff like this, at least clearly mark the
unimplemented parts UNIMPLEMENTED in the man pages, everything else
gives a false sense of security. (The really correct solution would be
for the kernel to throw EINVAL somewhere when losetup'ing in CBC
mode.)
olaf
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.altern.org/andrebalsa/doc/lkml-faq.html