[Cryptography] [Crypto-practicum] Justify the sequence of operations in CTR mode.

Bill Frantz frantz at pwpconsult.com
Fri Feb 12 20:19:56 EST 2016


On 2/12/16 at 10:16 AM, waywardgeek at gmail.com (Bill Cox) wrote:

>It is not possible to avoid this chosen plaintext attack without an IV.

Perhaps I'm being dumb, but you should be able to generate an IV 
for disk encryption by using the disk block address. Throw in 
the encryption key and a hash if necessary. Or use the output of 
the hash as a disk sector specific encryption key. CBC mode is 
one possibility given an IV.

If your opponent can read the cipher text of a sector multiple 
times, he may be able to learn things from your update pattern. 
I don't see an easy way to eliminate this leak.

What am I missing?

Cheers - Bill

---------------------------------------------------------------------------
Bill Frantz        | If you want total security, go to prison. There you're
408-356-8506       | fed, clothed, given medical care and so on. The only
www.pwpconsult.com | thing lacking is freedom. - Dwight D. Eisenhower
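The two constructions sketched in the message above (an IV derived by hashing the disk key with the sector address, or the same hash used as a sector-specific key), together with the update-pattern leak it mentions, as an added example in Go that is not part of the original post or of any disk-encryption product. The exact derivation SHA-256(key || big-endian sector address), the 512-byte sector size, the all-zero IV in the derived-key variant, and the sample key and sector contents are all assumptions made for this example.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// SectorSize is the unit of encryption: one 512-byte disk sector. It is a
// multiple of the AES block size, so CBC needs no padding.
const SectorSize = 512

// addrBytes encodes a sector address as 8 big-endian bytes (assumed encoding).
func addrBytes(sector uint64) []byte {
	var b [8]byte
	binary.BigEndian.PutUint64(b[:], sector)
	return b[:]
}

// SectorIV is the "sector address plus key and a hash" variant: the CBC IV
// is SHA-256(key || address) truncated to one AES block. Hashing the key in
// keeps the IV unpredictable to someone who can choose plaintext but does
// not know the key. The construction is an assumption for this example.
func SectorIV(key []byte, sector uint64) []byte {
	h := sha256.New()
	h.Write(key)
	h.Write(addrBytes(sector))
	return h.Sum(nil)[:aes.BlockSize]
}

// SectorKey is the "use the hash output as the sector key" variant: the full
// SHA-256(key || address) digest becomes a per-sector AES-256 key.
func SectorKey(key []byte, sector uint64) []byte {
	h := sha256.New()
	h.Write(key)
	h.Write(addrBytes(sector))
	return h.Sum(nil)
}

// cbc runs AES-CBC over exactly one sector in the requested direction.
func cbc(key, iv, in []byte, encrypt bool) ([]byte, error) {
	if len(in) != SectorSize {
		return nil, errors.New("input must be exactly one sector")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	var mode cipher.BlockMode
	if encrypt {
		mode = cipher.NewCBCEncrypter(block, iv)
	} else {
		mode = cipher.NewCBCDecrypter(block, iv)
	}
	out := make([]byte, SectorSize)
	mode.CryptBlocks(out, in)
	return out, nil
}

// EncryptSectorIV / DecryptSectorIV: one disk key, address-derived IV.
func EncryptSectorIV(key []byte, sector uint64, pt []byte) ([]byte, error) {
	return cbc(key, SectorIV(key, sector), pt, true)
}
func DecryptSectorIV(key []byte, sector uint64, ct []byte) ([]byte, error) {
	return cbc(key, SectorIV(key, sector), ct, false)
}

// EncryptSectorKey / DecryptSectorKey: address-derived key, fixed all-zero IV
// (acceptable here only because the key itself differs per sector).
func EncryptSectorKey(key []byte, sector uint64, pt []byte) ([]byte, error) {
	return cbc(SectorKey(key, sector), make([]byte, aes.BlockSize), pt, true)
}
func DecryptSectorKey(key []byte, sector uint64, ct []byte) ([]byte, error) {
	return cbc(SectorKey(key, sector), make([]byte, aes.BlockSize), ct, false)
}

// ChangedSectors compares two ciphertext snapshots of the same disk and lists
// the sectors whose ciphertext differs. Both constructions are deterministic
// per sector, so rewriting unchanged data yields identical ciphertext, and an
// observer who can read the disk repeatedly sees exactly which sectors changed.
func ChangedSectors(before, after [][]byte) []int {
	var changed []int
	for i := range before {
		if i >= len(after) || !bytes.Equal(before[i], after[i]) {
			changed = append(changed, i)
		}
	}
	return changed
}

func main() {
	key := bytes.Repeat([]byte{0x42}, 32) // constructed AES-256 disk key
	zeros := make([]byte, SectorSize)     // constructed sector content
	ct0, _ := EncryptSectorIV(key, 0, zeros)
	ct1, _ := EncryptSectorIV(key, 1, zeros)
	fmt.Println("same plaintext in sectors 0 and 1 encrypts differently:", !bytes.Equal(ct0, ct1))
	ct0b, _ := EncryptSectorIV(key, 0, zeros)                              // rewritten, unchanged
	ct1b, _ := EncryptSectorIV(key, 1, bytes.Repeat([]byte{1}, SectorSize)) // rewritten, changed
	fmt.Println("sectors seen to change between snapshots:", ChangedSectors([][]byte{ct0, ct1}, [][]byte{ct0b, ct1b}))
}
```

Either variant removes the cross-sector equal-ciphertext problem of a fixed IV, but neither hides the update pattern: the same plaintext in the same sector always yields the same ciphertext. With CBC the leak is finer than sector granularity, since ciphertext block i depends only on plaintext blocks 0 through i, so an observer also sees the first block within the sector at which the data changed.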


