mgraffam@mhv.net
Wed, 24 Jun 1998 02:37:27 -0400 (EDT)
On Wed, 24 Jun 1998, Greg Rose wrote:
> If you were thinking of coming up with your own hash function,
> don't.
Of course. I was planning on SHA.
> the first time... so perhaps this is a bit far-fetched.) Alternatively,
> if your backup tapes are an image of the (encrypted) drive, by XORing the
> old and new contents of a particular sector together, they get the stream
> out of the equation and can solve the running-key cipher.
This is a very good point.. sector reuse will be the death of this
system.. I don't exactly know why I didn't think of this, but I should
have.
> With a block cipher, you want to use something like Cipher Block Chaining
> mode. Now you can do your key setup once, using the user's secret (hashed
> or whatever) as the key, then use the sector number as the initialisation
> vector, encrypting the sectors independently. This is arguably the
> "correct" way to do it.
Ok. This is a good point too :) Yeah, using the sector as an
initialization vector rather than part of the key would be the best
way to do it.
> Block ciphers are also generally faster than hashes, given the way you
> were going to use them. I think your appeals to speed are misplaced. When
> you say you will "generate more bits" above, you should be aware that
> most existing hash functions will take 128 bytes of input, padding to
> ensure that they have that much, to produce the 16 or 20 bytes of output.
> This is a lot of processing...
Yeah, but understand that at first I was considering that the sector #
would be part of the key, so you'd have to rehash it all every sector
anyhow, or inode or whatever you decide to work with anyhow.. then
do actual key preprocessing/setup, finally do actual crypto on top of it.
In this scenario (granted that this scenario should never be used) I
think hashing/XOR would be faster..
But, that is a dead point anyhow, since I'd be insane to hash/xor.
Ok, so now I just gotta find a cipher that fits the Linux distribution
model.. I figure Blowfish and SHA would work well here.. I have a
feeling that ext2.c is not that pretty..
Michael J. Graffam (mgraffam@mhv.net)
http://www.mhv.net/~mgraffam -- Philosophy, Religion, Computers, Crypto, etc
"Act only according to that maxim by which you can at the same time will that
it should become a universal law.." - Immanuel Kant "Metaphysics of Morals"
The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:18:57 ADT
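The sector-reuse problem raised in the quoted text, as an added example that is not part of the original message or of any code by its participants. It assumes a hypothetical hash/XOR scheme in which the keystream for a sector is SHA-1 over the secret, the sector number and a block counter; the counter layout, the 512-byte sector size and the sample records are constructed for illustration.

```python
import hashlib

SECTOR_SIZE = 512  # bytes per sector (assumed)


def keystream(secret: bytes, sector: int) -> bytes:
    """Hypothetical SHA-1 stream: SHA1(secret || sector || counter) blocks."""
    out = bytearray()
    counter = 0
    while len(out) < SECTOR_SIZE:
        seed = secret + sector.to_bytes(8, "big") + counter.to_bytes(4, "big")
        out += hashlib.sha1(seed).digest()
        counter += 1
    return bytes(out[:SECTOR_SIZE])


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def pad(data: bytes) -> bytes:
    return data.ljust(SECTOR_SIZE, b"\0")


def encrypt_sector(secret: bytes, sector: int, plaintext: bytes) -> bytes:
    # The same (secret, sector) pair always yields the same keystream.
    return xor(pad(plaintext), keystream(secret, sector))


def sector_rewrite_leak():
    """Compare a backup image of one sector with its later contents."""
    secret = hashlib.sha1(b"constructed passphrase").digest()
    old_pt = b"constructed record, version 1: balance=100"
    new_pt = b"constructed record, version 2: balance=975"
    backup_ct = encrypt_sector(secret, 7, old_pt)   # sector as stored on the tape
    current_ct = encrypt_sector(secret, 7, new_pt)  # same sector after a rewrite
    # XOR of the two ciphertexts: the keystream cancels, no key involved.
    mixed = xor(backup_ct, current_ct)
    # Knowing one version of the sector then yields the other directly.
    recovered_new = xor(mixed, pad(old_pt))
    return mixed, pad(old_pt), pad(new_pt), recovered_new


if __name__ == "__main__":
    mixed, old_pt, new_pt, recovered = sector_rewrite_leak()
    print("keystream cancelled:", mixed == xor(old_pt, new_pt))
    print("recovered rewrite:  ", recovered.rstrip(b"\0"))
```

The keystream depends only on the secret and the sector number, so every rewrite of a sector reuses it; a per-sector IV with a block cipher in CBC mode, as suggested in the quoted text, does not reduce to a plain XOR of plaintexts in this way.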