On Sat, 15 Jan 2011, Marsh Ray wrote: > > This depends on what you mean by data integrity. > > How about "an attacker with write access to the disk is unable to modify > the protected data without detection"?
What about reverting (a part of) the storage to one of the previously valid states? > As I understand it, the Playstation 3 filesystem crypto was defeated > by simply deleting the encrypted files, filling up the disk with > movies and then placing the cyphertext in the movie data stream > (they may have had to ensure it went back into the right sector). > Playing back the movies prompted the hardware to happily decrypt the > data and output the plaintext of the files. It is what actually happened here. To prevent this one needs the whole MAC tree and even in that case one cannot be sure that the whole storage is not reverted at once. I guess this MACing is not implemented in TrueCrypt-like programs since they target the systems where user is not considered to be an attacker. -- Regards, ASK _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
