Hi,
if "current status" refers to the latest published papers then
you can find a short overview over the best known attacks on
http://www.iaik.tugraz.at/research/krypto/AES/index.php
Elisabeth
Joachim Strombergson schrieb:
Aloha!
Just out of curiosity I tried to Google around for recent pa
On 5/4/06, markus reichelt <[EMAIL PROTECTED]> wrote:
I'm interested as well in watermark/dictionary attacks (like on
mainline cryptoloop) on ecryptfs.
Here's general info:
http://clemens.endorphin.org/LinuxHDEncSettings
I couldn't get to the ecryptfs sourceforge site right now so I can't
tell
> From: Travis H. [mailto:[EMAIL PROTECTED]
>
> On 5/4/06, markus reichelt <[EMAIL PROTECTED]> wrote:
> > Agreed; but regarding unix systems, I know of none crypto
> > implementation that does integrity checking. Not just de/encrypt the
> > data, but verify that the encrypted data has not been ta
I think an encrypted file system with builtin integrity is somewhat
interesting however the threat model is a bit broken if you are going
to boot off a potentially tampered with disk.
I mean the attacker doesnt have to tamper with the proposed
encrypted+MACed data, he just tampers with the boot se
On Thu, May 04, 2006 at 01:44:48PM -0500, Travis H. wrote:
> I guess perhaps the reason they don't do integrity checking is that it
> involves redundant data, so the encrypted volume would be smaller, or
> the block offsets don't line up, and perhaps that's trickier to handle
> than a 1:1 correspo
> > I guess perhaps the reason they don't do integrity checking is that it
> > involves redundant data, so the encrypted volume would be smaller, or
> > the block offsets don't line up, and perhaps that's trickier to handle
> > than a 1:1 correspondence.
>
> Exactly, many file systems rely on bloc
* Travis H.:
> On 5/4/06, markus reichelt <[EMAIL PROTECTED]> wrote:
>> Agreed; but regarding unix systems, I know of none crypto
>> implementation that does integrity checking. Not just de/encrypt the
>> data, but verify that the encrypted data has not been tampered with.
>
> Are you sure? There
| > I guess perhaps the reason they don't do integrity checking is that it
| > involves redundant data, so the encrypted volume would be smaller, or
| > the block offsets don't line up, and perhaps that's trickier to handle
| > than a 1:1 correspondence.
|
| Exactly, many file systems rely on bloc