"Trei, Peter" <[EMAIL PROTECTED]> writes: >[EMAIL PROTECTED]:[EMAIL PROTECTED] >>"Trei, Peter" <[EMAIL PROTECTED]> writes: >>>with a good distribution of IVs >> >>Where would you store them? The feature of this is that it's fully >>transparent, so you can't store IVs anywhere. > >I'm not really up on crypto file systems, but I beleive at least some use the >sector address as the IV. IVs don't need to be random, secret, or >unpredictable - they just need to be unrepeated. (I'm assuming sector-at-a- >time encryption).
But the IV is repeated, every time you encrypt new data for that sector. You need to either store a random IV for each sector (usually infeasible) or make two passes over the data (details vary), using the output from pass 1 to affect pass 2 (slow). >>>* Some kind of PIN or password protection on the dongle. >> >>How would you do this without a custom BIOS (remember that their general >>product is for dropping into any PC)? > >We're talking about two different products. The ABIT is a MB, presumably with >it's own custom BIOS, so that's not an issue there. Customised, not custom. Think of it as a Chinese-menu type setup, it's a one- size-fits-all BIOS with appropriate modules compiled in for handling the CPU and chipset features. Now motherboard vendors can plug in their own feature modules, but it's a somewhat nontrivial option usually used only for highly marketable features (overclocking options, ability to re-flash from Windows, etc etc). Peter.