On Thu, 04 May 2006 18:14:09 +0200, markus reichelt <[EMAIL PROTECTED]> wrote:
> * "Travis H." <[EMAIL PROTECTED]> wrote: > > > 1) In the paper, he mentions that the state file could be altered > > by an attacker, and then he'd know the state when it first came up. > > Of course, if he could do that, he could simply install a trojan in > > the OS itself, so this is not really that much of a concern. If > > your hard drives might be altered by malicious parties, you should > > be using some kind of cryptographic integrity check on the contents > > before using them. This often comes for free when encrypting the > > contents. > > Agreed; but regarding unix systems, I know of none crypto > implementation that does integrity checking. Not just de/encrypt the > data, but verify that the encrypted data has not been tampered with. > See "Space-Efficient Block Storage Integrity", Alina Oprea, Mike Reiter, Ke Yang, NDSS 2005, http://www.isoc.org/isoc/conferences/ndss/05/proceedings/papers/storageint.pdf --Steven M. Bellovin, http://www.cs.columbia.edu/~smb --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
