Date: Mon, 27 May 2002 12:20:26 +0200 From: Poul-Henning Kamp <phk@critter.freebsd.dk> To: Doug Rabson <dfr@nlsystems.com> Cc: cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG Subject: Re: cvs commit: src/sys/conf files src/sys/geom geom_aes.c Message-ID: <47153.1022494826@critter.freebsd.dk> In-Reply-To: Your message of "Mon, 27 May 2002 10:31:14 BST." <200205271031.15065.dfr@nlsystems.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <200205271031.15065.dfr@nlsystems.com>, Doug Rabson writes: >> Log: >> Add a proof-of-concept encryption class. >> >> All sectors are encrypted with AES in CBC mode using a constant key, >> currently compiled in and all zero. > >Isn't this a bit pointless. The on-disk data structures are so predictable >that you have any number of known-plaintext attacks against this. The only >point to encryption at this level is to protect data against physical access >to the drive and this doesn't seem to be able to do that... Yes, at this point it is pretty pointless apart as proof that GEOM is (also) able to do content transformations. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?47153.1022494826>