Re: Status of attacks on AES?

2006-05-05 Thread Elisabeth Oswald
Hi, if current status refers to the latest published papers then you can find a short overview of the best known attacks at http://www.iaik.tugraz.at/research/krypto/AES/index.php Elisabeth Joachim Strombergson wrote: Aloha! Just out of curiosity I tried to Google around for recent

RE: Linux RNG paper

2006-05-05 Thread Kuehn, Ulrich
From: Travis H. [mailto:[EMAIL PROTECTED] On 5/4/06, markus reichelt [EMAIL PROTECTED] wrote: Agreed; but regarding unix systems, I know of no crypto implementation that does integrity checking. Not just de/encrypt the data, but verify that the encrypted data has not been tampered

encrypted filesystem integrity threat-model (Re: Linux RNG paper)

2006-05-05 Thread Adam Back
I think an encrypted file system with built-in integrity is somewhat interesting; however, the threat model is a bit broken if you are going to boot off a potentially tampered-with disk. I mean the attacker doesn't have to tamper with the proposed encrypted+MACed data, he just tampers with the boot

Re: Linux RNG paper

2006-05-05 Thread Victor Duchovni
On Thu, May 04, 2006 at 01:44:48PM -0500, Travis H. wrote: I guess perhaps the reason they don't do integrity checking is that it involves redundant data, so the encrypted volume would be smaller, or the block offsets don't line up, and perhaps that's trickier to handle than a 1:1