"Poul-Henning Kamp" <[EMAIL PROTECTED]> writes:

> In message <[EMAIL PROTECTED]>, "Perry E. Metzger" writes:
>>> MD5 was believed to be heavily understood in literature. It was
>>> well established. Look at what happened to it.
>>
>> Yup. And Roland made the algorithm you use for encrypting your disk
>> *pluggable*. That way, if AES is broken, you can replace it with the
>> next big thing and move on with your life.
>>
>> Now, if AES is indeed broken, GBDE is in serious trouble, but CGD is
>> not. Specific users of CGD have to change their drives, but the
>> framework continues to work as advertised.
>
> Gee Perry, now you're spreading FUD.
>
> You know perfectly well that it would take less than one hour to
> substitute another algorithm in the GBDE source code.
But you aren't built for that from the get-go. I would strongly suggest you change that -- make your cipher a user-configurable component.

I also very strongly suggest that the biggest real threat you face isn't someone cracking AES but key management issues. CGD is in some sense largely a framework for letting you do all sorts of neat things with key management in a disk encryption context. You may want to add similar features -- the most practical attack against your system as it stands is a dictionary attack.

-- 
Perry E. Metzger [EMAIL PROTECTED]

_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
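The two design points argued in this thread (a cipher selected by name rather than hard-wired, and key management that makes passphrase guessing expensive) are illustrated below by an added example. It is not GBDE or CGD code and makes no claim about how either of them lays out its metadata. Everything in it is assumed for illustration: the header layout, the registry of ciphers, and the "ciphers" themselves, which are HMAC keystreams standing in for a real block cipher so the script runs with only the Python standard library. The defensive properties it shows are generic: the data key is random and only ever wrapped under a PBKDF2-stretched passphrase key (so each guess costs the full iteration count and a passphrase change rewraps one key instead of rewriting the disk), and the cipher is looked up from the header, so swapping it means registering a class and re-encrypting, not editing the framework.

```python
import hashlib
import hmac
import os
import struct

CIPHERS = {}  # registry: cipher name -> cipher class; the header records which one a volume uses


def register(cls):
    CIPHERS[cls.name] = cls
    return cls


class KeystreamCipher:
    """Stand-in cipher, an assumption of this example and not a recommendation:
    an HMAC-derived keystream XORed over the data. It only exercises the plug-in
    interface (name, key_size, encrypt, decrypt); a real volume would register
    AES here."""
    name = "base"
    digest = "sha256"
    key_size = 32

    def __init__(self, key):
        if len(key) != self.key_size:
            raise ValueError("wrong key length for %s" % self.name)
        self.key = key

    def _keystream(self, nonce, length):
        out, counter = bytearray(), 0
        while len(out) < length:
            out += hmac.new(self.key, nonce + struct.pack("!Q", counter), self.digest).digest()
            counter += 1
        return bytes(out[:length])

    def encrypt(self, nonce, data):
        return bytes(a ^ b for a, b in zip(data, self._keystream(nonce, len(data))))

    decrypt = encrypt  # XOR with a keystream is its own inverse


@register
class HmacSha256Ctr(KeystreamCipher):
    name = "hmac-sha256-ctr"
    digest = "sha256"


@register
class HmacSha512Ctr(KeystreamCipher):
    name = "hmac-sha512-ctr"
    digest = "sha512"


MAGIC = b"PLUG"
# Hypothetical header: magic, cipher name, PBKDF2 iterations, salt, wrap nonce,
# wrapped master key, passphrase check tag (all 32-byte keys in this example).
HEADER = struct.Struct("!4s16sI16s16s32s32s")


def _passphrase_key(passphrase, salt, iterations, key_size):
    # Key stretching: every passphrase guess costs `iterations` HMAC rounds, and
    # the per-volume salt stops one precomputed dictionary serving many volumes.
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, iterations, key_size)


def _build_header(cipher_name, master_key, passphrase, iterations):
    cls = CIPHERS[cipher_name]
    salt, nonce = os.urandom(16), os.urandom(16)
    kek = _passphrase_key(passphrase, salt, iterations, cls.key_size)
    wrapped = cls(kek).encrypt(nonce, master_key)
    tag = hmac.new(kek, wrapped, "sha256").digest()  # lets unlock detect a wrong passphrase
    return HEADER.pack(MAGIC, cipher_name.encode().ljust(16, b"\0"), iterations, salt, nonce, wrapped, tag)


def create_volume(passphrase, cipher_name="hmac-sha256-ctr", iterations=200_000):
    """Return a fresh volume header. The data key is random, never the passphrase itself."""
    master_key = os.urandom(CIPHERS[cipher_name].key_size)
    return _build_header(cipher_name, master_key, passphrase, iterations)


def unlock_volume(header, passphrase):
    """Return a cipher keyed with the master key, or raise ValueError."""
    magic, name, iterations, salt, nonce, wrapped, tag = HEADER.unpack(header)
    if magic != MAGIC:
        raise ValueError("not a volume header")
    cls = CIPHERS[name.rstrip(b"\0").decode()]  # cipher chosen by the header, not hard-wired
    kek = _passphrase_key(passphrase, salt, iterations, cls.key_size)
    if not hmac.compare_digest(hmac.new(kek, wrapped, "sha256").digest(), tag):
        raise ValueError("wrong passphrase")
    return cls(cls(kek).decrypt(nonce, wrapped))


def change_passphrase(header, old_passphrase, new_passphrase):
    """Rewrap the same master key under a new passphrase; sector data is untouched."""
    cipher = unlock_volume(header, old_passphrase)
    iterations = HEADER.unpack(header)[2]
    return _build_header(cipher.name, cipher.key, new_passphrase, iterations)


def sector_nonce(sector_no):
    # Per-sector nonce so identical plaintext in two sectors does not repeat ciphertext.
    return struct.pack("!Q", sector_no) + bytes(8)


def encrypt_sector(cipher, sector_no, plaintext):
    return cipher.encrypt(sector_nonce(sector_no), plaintext)


def decrypt_sector(cipher, sector_no, ciphertext):
    return cipher.decrypt(sector_nonce(sector_no), ciphertext)
```

The header stores the iteration count, so a volume created with a low count can be rewrapped with a higher one later without touching its sectors; the cipher name in the header is what makes the cipher a configurable component rather than a source edit.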

