Tom Weinstein (tomw@netscape.com)
Wed, 24 Jun 1998 14:34:21 -0700
mgraffam@mhv.net wrote:
>
> Hello all..
>
> I might try to hack ext2 to do encryption, depends on how scary the
> code looks.
>
> First, though, how about some ideas about my proposed method..
>
> I base it on a strong hash. Take some hash function H, and hash the
> sector number you want to access, concatenated with the user's key. This
> will yield some hash output, H'. XOR H' with the contents of the sector
> to encrypt/decrypt. Simple and fast. The whole system is as strong as the
> hash.. since that is basically all it is. If you need more bits for a
> sector than H' has, generate more bits with H(key+sector_number+H')
> where + is concatenation.
You're using a hash function as a keystream generator for a stream cipher.
You might as well just use RC4 in that case.
> You could also use a block cipher to encrypt the sector contents with
> the sector number and userkey as the cipher's key. The problem here is
> that you still need a hash algorithm around to hash down the passphrase
> and sector number to some random bits so that eats kernel memory, and
> the function itself will take time. Then you still have to do the actual
> block cipher crypto, which will take some more time. XORing the hash and
> the sector contents can shorten that time considerably, since you need
> to have the hash either way.. this is my main reason.. I'd like disk
> access to be as fast as possible, and all the sectors should be encrypted
> independantly so that any sector can be decrypted without needing to
> appeal to previous state.
>
> The other problem with using a block cipher like this is that most block
> ciphers have long key schedule set up routines, designed to help thwart
> brute force.. since we need to change keys every time we access a sector,
> we will have a time penalty that way.
>
> Any suggestions for a better way to do this?
If you want to minimize key setup, use a block cipher (blowfish, for
example), and use the block number (or, the block number hashed with
some salt) for the IV.
-- What is appropriate for the master is not appropriate| Tom Weinstein for the novice. You must understand Tao before | tomw@netscape.com transcending structure. -- The Tao of Programming |
The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:19:01 ADT