Re: mlock(1)

From: Valdis . Kletnieks
Date: Fri Sep 24 2004 - 23:55:48 EST

Next message: Dmitry Torokhov: "Re: [BK] Changing driver core/sysfs/kobject symbol exports to GPL only"
Previous message: Patrick Mochel: "Re: [BK] Changing driver core/sysfs/kobject symbol exports to GPLonly"
In reply to: Andrea Arcangeli: "Re: mlock(1)"
Next in thread: Andy Lutomirski: "Re: mlock(1)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, 25 Sep 2004 06:07:10 +0200, Andrea Arcangeli said:
> On Fri, Sep 24, 2004 at 11:29:58PM -0400, Valdis.Kletnieks@xxxxxx wrote:
> > loop-AES stuff does and forces a minimim 20-char passphrase) - there's goin
g to
> > be all too many blocks in the swsusp area that are "known plaintext" and ea
sily
>
> well, it's not a filesystem with superblock at fixed location for
> example, the data location and contents is mostly random, or certainly
> not a "known plaintext".

I'm sure there's enough pages that live at magic addresses that end up at
predictable/identifiable locations on the disk to supply enough "known
plaintext". Remember - the attacker only has to find *one* crypto-block sized
set of bits - even with a 256-bit algo, they only have to find 32 consecutive
bytes that they can identify or reconstruct.

Attachment: pgp00000.pgp
Description: PGP signature

Next message: Dmitry Torokhov: "Re: [BK] Changing driver core/sysfs/kobject symbol exports to GPL only"
Previous message: Patrick Mochel: "Re: [BK] Changing driver core/sysfs/kobject symbol exports to GPLonly"
In reply to: Andrea Arcangeli: "Re: mlock(1)"
Next in thread: Andy Lutomirski: "Re: mlock(1)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]