Re: [cryptography] encrypted storage, but any integrity protection?

2011-01-16 Thread Ian G
On 14/01/11 5:40 AM, travis+ml-rbcryptogra...@subspacefield.org wrote: So does anyone know off the top of their head whether dm-crypt or TrueCrypt (or other encrypted storage things) promise data integrity in any way, shape or form? I'm assuming they're just encrypting, but figured I'd ask

Re: [cryptography] encrypted storage, but any integrity protection?

2011-01-15 Thread Marsh Ray
On 01/14/2011 06:13 PM, Jon Callas wrote: This depends on what you mean by data integrity. How about an attacker with write access to the disk is unable to modify the protected data without detection? In a strict, formal way, where you'd want to have encryption and a MAC, the answer is

Re: [cryptography] encrypted storage, but any integrity protection?

2011-01-15 Thread Alexander Klimov
On Sat, 15 Jan 2011, Marsh Ray wrote: This depends on what you mean by data integrity. How about an attacker with write access to the disk is unable to modify the protected data without detection? What about reverting (a part of) the storage to one of the previously valid states? As I

Re: [cryptography] encrypted storage, but any integrity protection?

2011-01-15 Thread Steven Bellovin
On Jan 15, 2011, at 8:53 44AM, Marsh Ray wrote: On 01/14/2011 06:13 PM, Jon Callas wrote: This depends on what you mean by data integrity. How about an attacker with write access to the disk is unable to modify the protected data without detection? In a strict, formal way, where

Re: [cryptography] encrypted storage, but any integrity protection?

2011-01-15 Thread Ivan Krstić
On Jan 14, 2011, at 4:13 PM, Jon Callas wrote: XTS in particular is a wide-block mode that takes a per-block tweak. This means that if you are using an XTS block of 512 bytes, then a single-bit change to the ciphertext causes the whole block to decrypt incorrectly. If you're using a 4K data

Re: [cryptography] encrypted storage, but any integrity protection?

2011-01-15 Thread Jon Callas
On Jan 15, 2011, at 4:23 PM, Ivan Krstić wrote: On Jan 14, 2011, at 4:13 PM, Jon Callas wrote: XTS in particular is a wide-block mode that takes a per-block tweak. This means that if you are using an XTS block of 512 bytes, then a single-bit change to the ciphertext causes the whole block

Re: [cryptography] encrypted storage, but any integrity protection?

2011-01-14 Thread Jon Callas
On Jan 13, 2011, at 10:40 AM, travis+ml-rbcryptogra...@subspacefield.org wrote: So does anyone know off the top of their head whether dm-crypt or TrueCrypt (or other encrypted storage things) promise data integrity in any way, shape or form? This depends on

Re: [cryptography] encrypted storage, but any integrity protection?

2011-01-13 Thread markus reichelt
* travis+ml-rbcryptogra...@subspacefield.org wrote: So does anyone know off the top of their head whether dm-crypt or TrueCrypt (or other encrypted storage things) promise data integrity in any way, shape or form? I've heard that geli does. -- left blank, right bald