Re: mlock(1)
From: Valdis . Kletnieks
Date: Fri Sep 24 2004 - 23:55:48 EST
On Sat, 25 Sep 2004 06:07:10 +0200, Andrea Arcangeli said:
> On Fri, Sep 24, 2004 at 11:29:58PM -0400, Valdis.Kletnieks@xxxxxx wrote:
> > loop-AES stuff does and forces a minimim 20-char passphrase) - there's goin
g to
> > be all too many blocks in the swsusp area that are "known plaintext" and ea
sily
>
> well, it's not a filesystem with superblock at fixed location for
> example, the data location and contents is mostly random, or certainly
> not a "known plaintext".
I'm sure there's enough pages that live at magic addresses that end up at
predictable/identifiable locations on the disk to supply enough "known
plaintext". Remember - the attacker only has to find *one* crypto-block sized
set of bits - even with a 256-bit algo, they only have to find 32 consecutive
bytes that they can identify or reconstruct.
Attachment:
pgp00000.pgp
Description: PGP signature