Another completely different approach is to use a filesystem which does
its own integrity checking. ZFS is a good example. If you run ZFS on top
of an encrypted loop device, most corruption should be detected because
ZFS does its own cryptographic checksum of data blocks. This checksum is
stored in the block pointers, not in the blocks themselves so you cannot
even replace the block with a different valid block from elsewhere in
the file system.
-Jeff
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
