From the subject line I had expected you to be asking what sources of entropy /dev/urandom was using.

On Tuesday 26 October 2010 23:13:11 adam shea wrote:
> For sake of discussion assume a partitioning scheme is such:
> /dev/sda1 => /boot
> /dev/sda2 => /
> /dev/sda3 => swap
> /dev/sda4 => spare
>
> The *spare* partition will be encrypted and then mounted during startup.

Note that since you're using a /boot partition, you also have the option of running the / partition encrypted also.

> I know next to nothing about cryptography, cryptanalysis, and the like. All
> I know is that it is suggested to write random data over the disk before
> encrypting.
>
> For example,
> http://duncanelliot.com/blog/?p=7

Note that you can do this same thing using 'wipe' or 'scrub'.

> In the above blog entry the claim is that if you do not somehow write
> random data over the entire disk an attacker can analyze the disk, locate
> the edges of the encrypted data, and greatly increase his/her chances of
> breaking the encryption. However, does this apply if one is only
> encrypting a single partition? By my understanding, the partition table is
> unencrypted and could potentially be used to locate the starting edge of the
> encrypted partition.

That's my understanding also.

> Does this fact negate whatever added security one
> gains by writing random data over the disk prior to encryption?

I'd say no.

  -- Chris

--
Chris Knadle
[email protected]
_______________________________________________
Mid-Hudson Valley Linux Users Group                  http://mhvlug.org
http://mhvlug.org/cgi-bin/mailman/listinfo/mhvlug
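
The question discussed in this message, as an added example that is not part of the original thread: even when the partition's start is known from the partition table, a per-block entropy scan of a zeroed partition shows exactly which blocks have been written, while a random pre-fill makes every block look alike. The block size, the threshold, the in-memory image and the use of os.urandom to stand in for ciphertext are all assumptions of this sketch.

```python
import math
import os

BLOCK = 4096  # bytes per analysed block (assumed size)

def shannon_entropy(block: bytes) -> float:
    """Bits of entropy per byte, from the byte histogram of one block."""
    counts = [0] * 256
    for b in block:
        counts[b] += 1
    n = len(block)
    return -sum(c / n * math.log2(c / n) for c in counts if c)

def high_entropy_extents(image: bytes, threshold: float = 7.0):
    """Return [(first_block, last_block), ...] runs that look like ciphertext."""
    extents, start = [], None
    nblocks = len(image) // BLOCK
    for i in range(nblocks):
        noisy = shannon_entropy(image[i * BLOCK:(i + 1) * BLOCK]) >= threshold
        if noisy and start is None:
            start = i
        elif not noisy and start is not None:
            extents.append((start, i - 1))
            start = None
    if start is not None:
        extents.append((start, nblocks - 1))
    return extents

def make_partition(nblocks: int, prefill_random: bool, used: list) -> bytes:
    """Constructed partition image: 'used' block ranges hold ciphertext
    (modelled with os.urandom); the rest is zeros or a random pre-fill."""
    img = bytearray(os.urandom(nblocks * BLOCK) if prefill_random
                    else bytes(nblocks * BLOCK))
    for first, last in used:
        img[first * BLOCK:(last + 1) * BLOCK] = os.urandom((last - first + 1) * BLOCK)
    return bytes(img)

# Constructed sample: block ranges the encrypted filesystem has written so far.
USED = [(0, 3), (40, 55), (90, 99)]

if __name__ == "__main__":
    for prefill in (False, True):
        found = high_entropy_extents(make_partition(128, prefill, USED))
        print("random pre-fill" if prefill else "zeroed disk    ", found)
```
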
