---------- Forwarded message ---------- Date: Mon, 11 Feb 2002 20:55:20 -0500 From: Jerome Etienne <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Cc: Ian Goldberg <[EMAIL PROTECTED]>, [EMAIL PROTECTED] Subject: Re: CFS vs. loopback encryption (was Re: [open-source] File encryption) for information, i released a text which describes a security hole in the encrypted loop device for linux. Because of it an attacker is able to modify the content of the encrypted device without being detected. This text proposes to fix the hole by authenticating the device. the text can be found in http://www.off.net/~jme/loopdev_vul.html > In article <[EMAIL PROTECTED]>, > Nicholas Brawn <[EMAIL PROTECTED]> wrote: > >What are people's thoughts on CFS vs. loopback encryption? I've used CFS > >in the past and found it quite useful, though as Matt said - a little > >long in the tooth. Never really looked into loopback encryption (which > >I'm aware is not something present across the majority of Unixes). > > I use loopback encryption on Linux (loop-aes.sourceforge.net). > I'm very happy with it. I have it encrypting data with a passphrase > and swap with a random key. > > - Ian --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
