Re: Caveat emptor Re: loop.c: DES bugfixes

A. Wik (aw@mail1.bet1.puv.fi)
Tue, 21 Jul 1998 16:53:54 +0000


Olaf Titz wrote:
> > I've updated the *-kernel and *-crypto patches to work with 2.1.108.
> > I'll make these updates available from:
> > ftp://mail1.bet1.puv.fi/incoming/
> > I think the *-kernel patch could safely be merged with the mainstream
> > kernel (this includes the XOR-encryption). The *-crypto patch contains
> > serious cryptography such as IDEA and CAST, and probably suffers from
> > those silly and annoying export restrictions. Note that the patches
>
> This looks good, but has a major pitfall: there are documented options
> to set the various modes (CBC, CFB etc.) but they are not implemented
> at all, the device accepts them but always uses ECB. I found this
> while paranoia-checking the ciphertext and saw large chunks of
> repeating 8-byte sequences. As we all know, this gives the first step
> towards mounting known plaintext attacks.
>
> So _please_ when publishing stuff like this, at least clearly mark the
> unimplemented parts UNIMPLEMENTED in the man pages, everything else
> gives a false sense of security. (The really correct solution would be
> for the kernel to throw EINVAL somewhere when losetup'ing in CBC
> mode.)

I've fixed the error reporting and added CBC mode support from the
Berkeley patches. The updated patches are available from the FTP site
mentioned above.

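The check described in the quoted text (looking for repeating 8-byte sequences in the ciphertext) can be automated. The following is an added example, not code from the patches or from either poster: the toy Feistel cipher, key, sample plaintext and 1% threshold are constructed assumptions standing in for a 64-bit block cipher, and CBC is simplified to a single chain with a fixed IV.

```python
import hashlib
from collections import Counter

BLOCK = 8  # 64-bit block size, as used by DES, IDEA and CAST

def toy_encrypt_block(key: bytes, block: bytes) -> bytes:
    """Constructed 4-round Feistel stand-in for a 64-bit cipher. NOT secure."""
    left, right = block[:4], block[4:]
    for rnd in range(4):
        f = hashlib.sha256(key + bytes([rnd]) + right).digest()[:4]
        left, right = right, bytes(a ^ b for a, b in zip(left, f))
    return left + right

def encrypt(key: bytes, data: bytes, mode: str, iv: bytes = bytes(BLOCK)) -> bytes:
    """Encrypt block-aligned data in "ECB" or "CBC" mode (one chain, fixed IV)."""
    if len(data) % BLOCK or mode not in ("ECB", "CBC"):
        raise ValueError("need block-aligned data and mode ECB or CBC")
    out, prev = bytearray(), iv
    for i in range(0, len(data), BLOCK):
        blk = data[i:i + BLOCK]
        if mode == "CBC":  # chain: XOR the previous ciphertext block in first
            blk = bytes(a ^ b for a, b in zip(blk, prev))
        prev = toy_encrypt_block(key, blk)
        out += prev
    return bytes(out)

def repeated_block_ratio(ciphertext: bytes) -> float:
    """Fraction of aligned 8-byte blocks whose value occurs more than once."""
    blocks = [ciphertext[i:i + BLOCK]
              for i in range(0, len(ciphertext) - BLOCK + 1, BLOCK)]
    counts = Counter(blocks)
    repeated = sum(n for n in counts.values() if n > 1)
    return repeated / len(blocks) if blocks else 0.0

def looks_like_ecb(ciphertext: bytes, threshold: float = 0.01) -> bool:
    """Flag ciphertext whose repeat ratio exceeds an assumed 1% threshold."""
    return repeated_block_ratio(ciphertext) > threshold

# Constructed sample: zero fill, a repeating record, 0xff fill (1056 bytes).
KEY = b"constructed-key"
PLAINTEXT = b"\x00" * 512 + b"inode table entry " * 16 + b"\xff" * 256

if __name__ == "__main__":
    for mode in ("ECB", "CBC"):
        ct = encrypt(KEY, PLAINTEXT, mode)
        print(mode, f"{repeated_block_ratio(ct):.2f}", looks_like_ecb(ct))
```

Run against a freshly set-up device filled with zeros, the same ratio check shows whether a requested chaining mode was actually applied or silently ignored.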