Dirk Heinrichs wrote: > Am Mittwoch, 1. Juni 2005 19:06 schrieb ext Richard Fish: > >> It is pretty easy to google for such a comparison. The main >> security problem with dm-crypt is that it doesn't support >> multi-key encryption modes, which makes it vulnerable to >> "watermark" attacks. It is better than it used to be, with >> reasonable key hashing and cbc modes though. > > > You're right concerning google :-). Anyway it gave me only one > useable security comparison [1]. This one clearly states that > dm-crypt starting with kernel 2.6.10 is no longer vulnerable > against watermark attacks. However, what it didn't say is that you > have to re-encrypt your disks to get this enhanced security. > > Bye... > > Dirk > > [1]: http://mareichelt.de/pub/texts.cryptoloop.php
Hi guys, I am very interested in encrypted directories and/or disks. Right now I am using ext3. Where can I find more info? The docs page at Gentoo? Right now I'm using CFS and it works great. If you go to the Gento Wiki under Security you will find my HOWto. But CFS is getting very old. At least now Blowfish has proven itself via OpenBSD and others. Thanks, Rob -- gentoo-user@gentoo.org mailing list
