Am Mittwoch, 1. Juni 2005 19:06 schrieb ext Richard Fish: > It is pretty easy to google for such a comparison. The main security > problem with dm-crypt is that it doesn't support multi-key encryption > modes, which makes it vulnerable to "watermark" attacks. It is better > than it used to be, with reasonable key hashing and cbc modes though.
You're right concerning google :-). Anyway it gave me only one useable
security comparison [1]. This one clearly states that dm-crypt starting
with kernel 2.6.10 is no longer vulnerable against watermark attacks.
However, what it didn't say is that you have to re-encrypt your disks to
get this enhanced security.
Bye...
Dirk
[1]: http://mareichelt.de/pub/texts.cryptoloop.php
--
Dirk Heinrichs | Tel: +49 (0)162 234 3408
Configuration Manager | Fax: +49 (0)211 47068 111
Capgemini Deutschland | Mail: [EMAIL PROTECTED]
Hambornerstra�e 55 | Web: http://www.capgemini.com
D-40472 D�sseldorf | ICQ#: 110037733
GPG Public Key C2E467BB | Keyserver: www.keyserver.net
pgpXjXW6xlyqS.pgp
Description: PGP signature
