Linux RNG paper

Travis H. solinym at gmail.com
Thu May 4 14:44:48 EDT 2006


On 5/4/06, markus reichelt <ml at mareichelt.de> wrote:
> Agreed; but regarding unix systems, I know of none crypto
> implementation that does integrity checking. Not just de/encrypt the
> data, but verify that the encrypted data has not been tampered with.

Are you sure?  There's an aes-cbc-essiv:sha256 cipher with dm-crypt.
Are they using sha256 for something other than integrity?

I guess perhaps the reason they don't do integrity checking is that it
involves redundant data, so the encrypted volume would be smaller, or
the block offsets don't line up, and perhaps that's trickier to handle
than a 1:1 correspondence.
--
"Curiosity killed the cat, but for a while I was a suspect" -- Steven Wright
Security Guru for Hire http://www.lightconsulting.com/~travis/ -><-
GPG fingerprint: 9D3F 395A DAC5 5CCC 9066  151D 0A6B 4098 0C55 1484

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
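The cipher spec named in the message above can be checked directly. In dm-crypt's aes-cbc-essiv:sha256, SHA-256 is applied to the volume key to derive a second AES key, and that key encrypts the little-endian sector number to produce the sector's IV. The hash never touches the data, so it provides no integrity protection: an edit to the stored ciphertext decrypts without any error. The Go program below is an added example, not code from the poster or from dm-crypt. It reimplements the ESSIV IV derivation with the standard library, encrypts one constructed 512-byte sector under a constructed key, flips a single ciphertext byte, and reports the damage: the CBC block holding the flip is garbled, the following block has exactly that one byte flipped, every other block is untouched, and decryption reports nothing. The key, sector contents, sector number and flip position are assumptions chosen for the demo.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// EssivIV derives the per-sector IV the way dm-crypt's aes-cbc-essiv:sha256
// does: SHA-256 hashes the volume key, the digest becomes a second AES key,
// and the little-endian sector number (zero-padded to one block) is encrypted
// under it. The hash is applied to the key only, never to the data.
func EssivIV(volumeKey []byte, sector uint64) ([]byte, error) {
	salt := sha256.Sum256(volumeKey)
	blk, err := aes.NewCipher(salt[:])
	if err != nil {
		return nil, err
	}
	iv := make([]byte, aes.BlockSize)
	binary.LittleEndian.PutUint64(iv[:8], sector)
	blk.Encrypt(iv, iv)
	return iv, nil
}

// CryptSector encrypts (encrypt=true) or decrypts one sector with AES-CBC under
// the ESSIV IV for that sector. Output is exactly as long as input: there is no
// room for a tag, so nothing here can ever fail on a modified ciphertext.
func CryptSector(volumeKey []byte, sector uint64, in []byte, encrypt bool) ([]byte, error) {
	if len(in) == 0 || len(in)%aes.BlockSize != 0 {
		return nil, fmt.Errorf("sector length %d is not a multiple of %d", len(in), aes.BlockSize)
	}
	blk, err := aes.NewCipher(volumeKey)
	if err != nil {
		return nil, err
	}
	iv, err := EssivIV(volumeKey, sector)
	if err != nil {
		return nil, err
	}
	var mode cipher.BlockMode
	if encrypt {
		mode = cipher.NewCBCEncrypter(blk, iv)
	} else {
		mode = cipher.NewCBCDecrypter(blk, iv)
	}
	out := make([]byte, len(in))
	mode.CryptBlocks(out, in)
	return out, nil
}

// TamperDemo encrypts a sector, XORs flipMask into ciphertext byte flipAt,
// decrypts, and returns the indices of plaintext blocks that came back changed
// plus the XOR difference of the block after the flip. With CBC the block
// holding the flip is garbled and the next block gets exactly flipMask at the
// same offset; decryption itself reports no error.
func TamperDemo(volumeKey []byte, sector uint64, plaintext []byte, flipAt int, flipMask byte) ([]int, []byte, error) {
	ct, err := CryptSector(volumeKey, sector, plaintext, true)
	if err != nil {
		return nil, nil, err
	}
	if flipAt < 0 || flipAt >= len(ct)-aes.BlockSize {
		return nil, nil, errors.New("flipAt must leave at least one block after it")
	}
	ct[flipAt] ^= flipMask // the "attacker" edits the stored ciphertext
	pt, err := CryptSector(volumeKey, sector, ct, false)
	if err != nil {
		return nil, nil, err // never reached: CBC has no way to notice the edit
	}
	var changed []int
	for b := 0; b < len(pt)/aes.BlockSize; b++ {
		lo, hi := b*aes.BlockSize, (b+1)*aes.BlockSize
		if !bytes.Equal(pt[lo:hi], plaintext[lo:hi]) {
			changed = append(changed, b)
		}
	}
	next := (flipAt/aes.BlockSize + 1) * aes.BlockSize
	delta := make([]byte, aes.BlockSize)
	for i := range delta {
		delta[i] = pt[next+i] ^ plaintext[next+i]
	}
	return changed, delta, nil
}

func main() {
	key := sha256.Sum256([]byte("constructed demo volume key")) // 32 bytes: AES-256 (assumed)
	sector := make([]byte, 512)                                  // constructed sector content
	for i := range sector {
		sector[i] = byte(i)
	}
	changed, delta, err := TamperDemo(key[:], 7, sector, 5, 0x01)
	if err != nil {
		panic(err)
	}
	fmt.Printf("blocks changed: %v\n", changed)
	fmt.Printf("XOR delta in the block after the flip: %x\n", delta)
}
```

CryptSector returns output of the same length as its input. That 1:1 correspondence between plaintext and ciphertext sectors is precisely what leaves no room for an authentication tag, so a volume encrypted with this cipher spec cannot detect a modified sector on its own; an additional integrity mechanism with its own storage would be needed.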