[33131] in cryptography@c2.net mail archive
Re: Recovering data from encrypted disks, broken CD's
daemon@ATHENA.MIT.EDU (Florian Weimer)
Sat Jul 29 19:55:15 2006
X-Original-To: cryptography@metzdowd.com
From: Florian Weimer <fw@deneb.enyo.de>
To: "Steven M. Bellovin" <smb@cs.columbia.edu>
Cc: leichter_jerrold@emc.com, cryptography@metzdowd.com
Date: Sat, 29 Jul 2006 22:56:26 +0200
In-Reply-To: <20060729144842.c81b80ab.smb@cs.columbia.edu> (Steven
M. Bellovin's message of "Sat, 29 Jul 2006 14:48:42 -0400")

* Steven M. Bellovin:

> I wonder how accurate this is. It's certainly true that some drives have
> vendor passwords to unlock them. It's hard to see how they could break
> through (good) software encryption,

A lot of software tends to create temporary files in random places.
If you don't encrypt the whole disk (including swap space and the
suspend-to-disk area), plaintext might be written to the disk and can
be recovered even though the actual cryptography is sound. This
assumes that transparent decryption is used--the situation is worse if
you need to create a temporary plaintext copy on disk before you can
actually process the data.

(Now I only need to figure out why sequential disk I/O takes such a
significant hit when using dm-crypt. *sigh*)

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
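
The swap and suspend-to-disk exposure described in the message above can be audited on a Linux host. The following is an added example, not part of the original post: it reads `/proc/swaps` and the `resume=` kernel parameter and reports which targets sit directly on a dm-crypt mapping. The sample inputs are constructed, the function names are hypothetical, and it assumes mappings were created with cryptsetup, which gives them a device-mapper UUID beginning with `CRYPT-`.

```python
import os
import re

# Constructed sample inputs for illustration (not from a real host).
SAMPLE_SWAPS = (
    "Filename   Type       Size     Used  Priority\n"
    "/dev/dm-1  partition  8388604  0     -2\n"
    "/dev/sda3  partition  4194300  1024  -3\n"
    "/swapfile  file       2097148  0     -4\n"
)
SAMPLE_CMDLINE = "root=/dev/mapper/root ro resume=/dev/sda3 quiet"
SAMPLE_DM_UUIDS = {"dm-1": "CRYPT-PLAIN-cryptswap"}

def read_dm_uuid(dev):
    """Device-mapper UUID of block device `dev` from sysfs, or None."""
    try:
        with open(f"/sys/block/{dev}/dm/uuid") as fh:
            return fh.read().strip()
    except OSError:
        return None

def classify(path, dm_uuid):
    """Classify one device path; only the top device-mapper layer is inspected."""
    if not path.startswith("/dev/"):
        return "unresolved"          # e.g. resume=UUID=..., look it up by hand
    dev = os.path.basename(os.path.realpath(path))  # follow /dev/mapper links
    if dev.startswith("zram"):
        return "ram-only"            # compressed RAM, never written to disk
    # Assumption: cryptsetup-created mappings carry a UUID starting "CRYPT-".
    uuid = dm_uuid(dev) or ""
    return "dm-crypt" if uuid.startswith("CRYPT-") else "not-dm-crypt"

def audit(swaps_text, cmdline, dm_uuid=read_dm_uuid):
    """Return {target: verdict} for active swap areas and the resume= device."""
    findings = {}
    for line in swaps_text.splitlines()[1:]:      # skip the header row
        fields = line.split()
        if len(fields) >= 2:
            # A swap file is only as protected as the filesystem holding it.
            findings[fields[0]] = ("check-backing-fs" if fields[1] == "file"
                                   else classify(fields[0], dm_uuid))
    match = re.search(r"(?:^|\s)resume=(\S+)", cmdline)
    if match:
        findings["resume=" + match.group(1)] = classify(match.group(1), dm_uuid)
    return findings

if __name__ == "__main__":
    with open("/proc/swaps") as s, open("/proc/cmdline") as c:
        for target, verdict in audit(s.read(), c.read()).items():
            print(f"{verdict:16} {target}")
```

A `not-dm-crypt` verdict on a stacked setup (for example swap on an LVM volume above an encrypted physical volume) needs a manual look at the lower layers, since only the top mapping is checked.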