Re: [PATCH/proposal] dm-crypt: add digest-based iv generation mode

From: Christophe Saout
Date: Fri Feb 20 2004 - 14:54:06 EST


Am Fr, den 20.02.2004 schrieb Jean-Luc Cooke um 20:09:

> > The plan was to du <cipher>-<iv mode> where <iv mode> can be
> > ecb (well, no IV at all), plain (unhashed sector number) or a
> > digest (hmac_key sector number). CBC mode is implicit when you
> > have some kind of IV generation. Everything else doesn't make
> > sense and would be redundant. CFB and CTR are not implemented
> > by cryptoloop BTW.
>
> jlcooke:~/kern/linux-2.6.1/crypto$ grep CTR *.c
> cipher.c: case CRYPTO_TFM_MODE_CTR:
> grep CFB *.c
> cipher.c: case CRYPTO_TFM_MODE_CFB:
>
> It should be I wrote it...the crypto part anyways.

Do you think I should add support for those two (even though they're not
implemented yet)? Does this make sense?

If so, I would do: <cipher>-<cipher mode>[-<iv generator>]

aes-ecb, aes-cbc-sha1, etc...?

This would already break the userspace interface... ;)


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/