[24678] in cryptography@c2.net mail archive
Re: Linux RNG paper
daemon@ATHENA.MIT.EDU (Travis H.)
Thu May 4 21:48:31 2006
X-Original-To: cryptography@metzdowd.com
Date: Thu, 4 May 2006 13:44:48 -0500
From: "Travis H." <solinym@gmail.com>
To: cryptography@metzdowd.com
In-Reply-To: <20060504161409.GE3875@dantooine>
On 5/4/06, markus reichelt <ml@mareichelt.de> wrote:
> Agreed; but regarding unix systems, I know of none crypto
> implementation that does integrity checking. Not just de/encrypt the
> data, but verify that the encrypted data has not been tampered with.
Are you sure? There's an aes-cbc-essiv:sha256 cipher with dm-crypt.
Are they using sha256 for something other than integrity?
I guess perhaps the reason they don't do integrity checking is that it
involves redundant data, so the encrypted volume would be smaller, or
the block offsets don't line up, and perhaps that's trickier to handle
than a 1:1 correspondence.
--
"Curiosity killed the cat, but for a while I was a suspect" -- Steven Wright
Security Guru for Hire http://www.lightconsulting.com/~travis/ -><-
GPG fingerprint: 9D3F 395A DAC5 5CCC 9066 151D 0A6B 4098 0C55 1484
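What the sha256 in aes-cbc-essiv:sha256 is actually for, as an added example that is not part of this thread or of dm-crypt's own code: ESSIV hashes the volume key with SHA-256, uses the digest as an AES key, and encrypts the sector number under it to get a per-sector IV. That is the only use of the hash; nothing stored on disk checks the data, so a flipped ciphertext bit decrypts without any error. The second half bolts on the check the thread says is missing (an HMAC-SHA256 tag per sector) to show the extra bytes per sector that break the 1:1 offset mapping. Keys and the sector contents are constructed for the demo, and the sealSector/openSector/sectorTag layout is a hypothetical scheme for illustration, not any dm-crypt mode.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

const sectorSize = 512 // dm-crypt encrypts the volume one 512-byte sector at a time
const tagSize = sha256.Size

// essivIV derives the IV for one sector the way aes-cbc-essiv:sha256 does:
// hash the volume key with SHA-256, use the 32-byte digest as an AES-256 key,
// and encrypt the little-endian sector number (zero-padded to one block) under
// it. This is the only place the hash is used; no digest of the data is kept.
func essivIV(key []byte, sector uint64) ([]byte, error) {
	salt := sha256.Sum256(key)
	ivCipher, err := aes.NewCipher(salt[:])
	if err != nil {
		return nil, err
	}
	iv := make([]byte, aes.BlockSize)
	binary.LittleEndian.PutUint64(iv, sector)
	ivCipher.Encrypt(iv, iv)
	return iv, nil
}

// cbcSector runs AES-CBC over one sector in either direction. 512 is a
// multiple of the block size, so there is no padding and the ciphertext is
// exactly as long as the plaintext: the 1:1 sector mapping the mail mentions.
func cbcSector(key []byte, sector uint64, in []byte, encrypt bool) ([]byte, error) {
	if len(in) != sectorSize {
		return nil, fmt.Errorf("want %d-byte sector, got %d", sectorSize, len(in))
	}
	blk, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	iv, err := essivIV(key, sector)
	if err != nil {
		return nil, err
	}
	out := make([]byte, sectorSize)
	if encrypt {
		cipher.NewCBCEncrypter(blk, iv).CryptBlocks(out, in)
	} else {
		cipher.NewCBCDecrypter(blk, iv).CryptBlocks(out, in)
	}
	return out, nil
}

// cbcTamperDamage flips one bit of ciphertext byte flipAt, decrypts, and
// reports how many 16-byte blocks of the result differ from the original.
// Decryption never errors: CBC garbles the block holding the flip and flips
// the same bit in the following block; every other block comes back intact.
func cbcTamperDamage(key []byte, sector uint64, plain []byte, flipAt int) (int, error) {
	ct, err := cbcSector(key, sector, plain, true)
	if err != nil {
		return 0, err
	}
	ct[flipAt] ^= 0x01
	pt, err := cbcSector(key, sector, ct, false)
	if err != nil {
		return 0, err
	}
	damaged := 0
	for off := 0; off < sectorSize; off += aes.BlockSize {
		if !bytes.Equal(pt[off:off+aes.BlockSize], plain[off:off+aes.BlockSize]) {
			damaged++
		}
	}
	return damaged, nil
}

// sectorTag is the hypothetical integrity tag: HMAC-SHA256 over the sector
// number and the ciphertext, under a MAC key separate from the AES key.
func sectorTag(macKey []byte, sector uint64, ct []byte) []byte {
	mac := hmac.New(sha256.New, macKey)
	var n [8]byte
	binary.LittleEndian.PutUint64(n[:], sector)
	mac.Write(n[:])
	mac.Write(ct)
	return mac.Sum(nil)
}

// sealSector emits ciphertext plus tag: sectorSize+tagSize bytes per sector,
// the redundant data that stops disk offsets from lining up 1:1.
func sealSector(encKey, macKey []byte, sector uint64, plain []byte) ([]byte, error) {
	ct, err := cbcSector(encKey, sector, plain, true)
	if err != nil {
		return nil, err
	}
	return append(ct, sectorTag(macKey, sector, ct)...), nil
}

// openSector checks the tag in constant time before decrypting.
func openSector(encKey, macKey []byte, sector uint64, sealed []byte) ([]byte, error) {
	if len(sealed) != sectorSize+tagSize {
		return nil, errors.New("sealed sector has wrong length")
	}
	ct, tag := sealed[:sectorSize], sealed[sectorSize:]
	if !hmac.Equal(tag, sectorTag(macKey, sector, ct)) {
		return nil, errors.New("integrity check failed: sector modified")
	}
	return cbcSector(encKey, sector, ct, false)
}

func main() {
	encKey := bytes.Repeat([]byte{0x11}, 32) // constructed demo keys, not real key material
	macKey := bytes.Repeat([]byte{0x22}, 32)
	plain := make([]byte, sectorSize) // constructed sector contents
	for i := range plain {
		plain[i] = byte(i)
	}
	damaged, _ := cbcTamperDamage(encKey, 7, plain, 50)
	fmt.Println("CBC-ESSIV only: blocks damaged by one flipped bit:", damaged, "(no error)")
	sealed, _ := sealSector(encKey, macKey, 7, plain)
	sealed[50] ^= 0x01
	_, err := openSector(encKey, macKey, 7, sealed)
	fmt.Println("with per-sector MAC:", err)
}
```

Flipping one bit at byte 50 (inside block 3) leaves 30 of the 32 blocks untouched and raises no error in the plain CBC-ESSIV path, which is exactly the malleability an integrity check exists to catch; with the tag, the same flip is refused before any plaintext is returned, at a cost of 32 extra bytes per 512-byte sector.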
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com