[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-crypto
Subject:    Re: (AES) loopback crypto questions
From:       Dale Amon <amon () vnl ! com>
Date:       2001-07-11 9:47:29
[Download RAW message or body]

On Tue, Jul 10, 2001 at 10:38:00PM +0200, peter k. wrote:
> 1) if an attacker has got some files which are on an (AES) encrypted device,
> will he be able to decrypt the whole device?

It might help slightly, ie Known Plaintext Attack, but probably not a lot.
 
> 2) is it a good idea to run "cat /dev/zero > zero.file; shred -uv zero.file"
> on (AES) encrypted devices to overwrite all free space with random data [to
> remove any encrypted data which is left from deleted files from the device
> behind the loopback device and confuse attackers]?

Depends on your paranoia level. If you think your key was compromised
you might do something like this; I don't see why'd you zero before
shredding. Personally I prefer wipe. Slow, but fairly certain.

In the passed I zeroed my loopbacks; but I like the idea of using /dev/random
for the job... although the thought of doing that over 10-20GB gives me
thoughts of going on vacation for 2 weeks while it runs.
 
> the brackets in "(AES)" mean that i'd like to know if the answer applies to
> AES only or also other cyphers (i guess so?)

Depends on the size of the keyspace. I imagine you get more
information from a known plaintext attack if the keyspace is
smaller, ie as in DES-56 or other low quality cipher.

-- 
------------------------------------------------------
Use Linux: A computer        Dale Amon, CEO/MD
is a terrible thing          Village Networking Ltd
to waste.                    Belfast, Northern Ireland
------------------------------------------------------

Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

[prev in list] [next in list] [prev in thread] [next in thread]