[Cryptography] [Crypto-practicum] Justify the sequence of operations in CTR mode.
Bill Frantz
frantz at pwpconsult.com
Fri Feb 12 20:19:56 EST 2016
On 2/12/16 at 10:16 AM, waywardgeek at gmail.com (Bill Cox) wrote:
> It is not possible to avoid this chosen plaintext attack without an IV.
Perhaps I'm being dumb, but you should be able to generate an IV
for disk encryption by using the disk block address. Throw in
the encryption key and a hash if necessary. Or use the output of
the hash as a disk sector specific encryption key. CBC mode is
one possibility given an IV.
If your opponent can read the cipher text of a sector multiple
times, he may be able to learn things from your update pattern.
I don't see an easy way to eliminate this leak.
What am I missing?
Cheers - Bill
---------------------------------------------------------------------------
Bill Frantz        | If you want total security, go to prison. There you're
408-356-8506       | fed, clothed, given medical care and so on. The only
www.pwpconsult.com | thing lacking is freedom. - Dwight D. Eisenhower
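Added illustration (not code from the thread) of the construction Bill describes: derive a per-sector IV by HMACing the disk block address under the encryption key, encrypt the sector with AES-CBC under that IV, and then check what an observer who reads the same sector's ciphertext before and after a rewrite can see. The key, sector addresses and sector contents are constructed demo values.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// sectorIV: HMAC the sector address under the key, truncated to one AES block.
func sectorIV(key []byte, sector uint64) []byte {
	mac := hmac.New(sha256.New, key)
	mac.Write(binary.BigEndian.AppendUint64(nil, sector))
	return mac.Sum(nil)[:aes.BlockSize]
}

// encryptSector: AES-CBC over a block-aligned sector; no padding (CryptBlocks panics otherwise).
func encryptSector(key []byte, sector uint64, plaintext []byte) []byte {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	out := make([]byte, len(plaintext))
	cipher.NewCBCEncrypter(block, sectorIV(key, sector)).CryptBlocks(out, plaintext)
	return out
}

// firstDifferingBlock: index of the first AES block where two ciphertexts differ, or -1.
// With a fixed per-sector IV this is exactly what a repeated read of the sector leaks.
func firstDifferingBlock(a, b []byte) int {
	for i := 0; i+aes.BlockSize <= len(a) && i+aes.BlockSize <= len(b); i += aes.BlockSize {
		if !bytes.Equal(a[i:i+aes.BlockSize], b[i:i+aes.BlockSize]) {
			return i / aes.BlockSize
		}
	}
	return -1
}

func main() {
	key := bytes.Repeat([]byte{0x42}, 32)                 // constructed demo key
	sector := bytes.Repeat([]byte("block data here!"), 4) // constructed 64-byte sector
	// Same plaintext in sectors 7 and 8 gets different IVs, so different ciphertext.
	fmt.Println(bytes.Equal(encryptSector(key, 7, sector), encryptSector(key, 8, sector)))
	updated := append([]byte{}, sector...)
	updated[40] ^= 0xff // edit one byte in the third block and rewrite sector 7
	fmt.Println(firstDifferingBlock(encryptSector(key, 7, sector), encryptSector(key, 7, updated)))
}
```

The first line prints false (no cross-sector chosen-plaintext match), the second prints 2: CBC blocks before the edit are unchanged on rewrite, so the position of the update is visible, which is the leak the post points out.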