Re: [PATCH] Delete cryptoloop

Author: Pascal Brisset
Date:  
To: hpa
CC: linux-kernel
Subject: Re: [PATCH] Delete cryptoloop
hpa@??? (H. Peter Anvin) wrote in message
news:<2kMAw-rl-15@???>...
> So does cryptoloop use a different IV for different blocks? The need
> for the IV to be secret is different for different ciphers, but for
> block ciphers the rule is that it must not repeat, and at least
> according to some people must not be trivially predictable. [...]


The IV is predictable in cryptoloop and in other implementations.
This causes specially crafted watermarks to be detectable through
the encryption [1]. Pretty bad, but whether this is really a
concern or not depends a lot on what you are encrypting.

-- Pascal

[1] Markku-Juhani Saarinen: Encrypted Watermarks; Security Vulnerabilities in Laptop Encryption (Security Forum Workshop 2004)
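
The effect described in the message above, as an added example that is not part of the original post: under CBC with the sector number as IV, a file author who knows only sector numbers can make two sectors encrypt to the same first block, while a secret-derived IV (the ESSIV scheme used by dm-crypt) removes the match. The Feistel cipher is a toy stand-in for a real block cipher, and the IV encoding, key, and all function names are assumptions made for the demonstration.

```python
import hashlib

BLOCK, SECTOR = 16, 512
KEY = b"constructed demo key"          # constructed sample value

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt_block(key: bytes, block: bytes) -> bytes:
    """Toy 4-round Feistel permutation (stand-in, not a real cipher)."""
    left, right = block[:8], block[8:]
    for rnd in range(4):
        f = hashlib.sha256(key + bytes([rnd]) + right).digest()[:8]
        left, right = right, xor(left, f)
    return left + right

def cbc_encrypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    out, prev = [], iv
    for i in range(0, len(data), BLOCK):
        prev = encrypt_block(key, xor(data[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)

def plain_iv(sector: int, key: bytes = b"") -> bytes:
    """Predictable IV: the sector number itself (encoding is an assumption)."""
    return sector.to_bytes(BLOCK, "little")

def essiv(sector: int, key: bytes) -> bytes:
    """Secret IV: sector number encrypted under a hash of the disk key."""
    salt = hashlib.sha256(key).digest()
    return encrypt_block(salt, sector.to_bytes(BLOCK, "little"))

def watermarked_sector(sector: int, mark: bytes) -> bytes:
    """Plaintext built without the key: first block cancels the public IV."""
    return xor(mark, plain_iv(sector)) + bytes(SECTOR - BLOCK)

def first_blocks_match(iv_fn, key: bytes, s1: int, s2: int,
                       mark: bytes = b"W" * BLOCK) -> bool:
    """True if both sectors start with the same ciphertext block."""
    c1 = cbc_encrypt(key, iv_fn(s1, key), watermarked_sector(s1, mark))
    c2 = cbc_encrypt(key, iv_fn(s2, key), watermarked_sector(s2, mark))
    return c1[:BLOCK] == c2[:BLOCK]

if __name__ == "__main__":
    print("sector-number IV:", first_blocks_match(plain_iv, KEY, 7, 4242))
    print("secret (ESSIV) IV:", first_blocks_match(essiv, KEY, 7, 4242))
```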
