Mailinglist Archive: opensuse (3337 mails)

< Previous Next >
Re: [opensuse] cryptoloop
  • From: Oliver Tennert <O.Tennert@xxxxxxxxxxxxxxxxxxxx>
  • Date: Fri, 21 Apr 2006 15:58:13 +0200
  • Message-id: <200604211558.15516.tennert@xxxxxxxxxxxxxxxxxxxx>
Am Freitag, 21. April 2006 15:35 schrieb Henne Vogelsang:
>
> > I understand that (Open)SUSE 10.1 ist going to be the test arena for SLES
> > 10, or am I wrong?
>
> You do. They are from the same codebase yes but SUSE Linux is no testbed
> for SUSE Linux Enterprise 10!
>

OK, I put it another way: the experience you get from SUSE 10.1 surely
influences SLES development.

> dm-crypt is far away from being the standard for encrypted filesystems.

If you define "standard" to be the most deployed solution, then yes it is.
cryptoloop surely is completely out.

> It has the same problem with weak IV generation as cryptoloop. And ESSIV
> is not very well analyzed yet (the things someone like David Wagner says
> about it do not help either). It does not bring any significant
> advantages over cryptoloop that justify the main problem we have with
> making a switch. You have to provide an upgrade path. And with
> enterprise products you have to provide an upgrade path for several
> years (read 7). This means that the more often you switch the
> implementation the more scenarios you have to cover in your upgrade path
> and the likelier you will fail to provide one. [1]

I do not understand that: surely you need an upgrade path when you break
compatibility. But if you don't then the upgrade path is as trivial as it is
when switching to cryptoloop. The advantage you get however if you switch to
dm-crypt is: actively maintained code plus additional features and enhanced
security.

>
> On a sidenote: Everything you need to use dm-crypt is included since
> several versions. Its just not default in YaST.
>

Yes, I know. So: why not use it?

> Please als note: All the current cryptofs implementations are far from
> being complete (and good in a cryptographic sense). For instance they
> dont provide fundamental cryptographic needs like providing integrity
> (prevent corruption, reverting, swapping attacks) or prevention against
> watermarking.
>

The ESSIV generation scheme is _the_ protection against simple watermarking
attacks. This is one of the reasons it has been developed.

> So in short, simply because its new and everybody else uses it its not
> better in any way.
>

First: dm-crypt is not new, but intree since 2.6.4. Second: switching to
something obsolete and unmaintained surely is wrong.

Best regards

Oliver


--
You first have to decide whether to use the short or the long form.
The short form is what the Internal Revenue Service calls "simplified",
which means it is designed for people who need the help of a Sears
tax-preparation expert to distinguish between their first and last
names. Here's the complete text:

"(1) How much did you make? (AMOUNT)
"(2) How much did we here at the government take out? (AMOUNT)
"(3) Hey! Sounds like we took too much! So we're going to
send an official government check for (ONE-FIFTEENTH OF
THE AMOUNT WE TOOK) directly to the (YOUR LAST NAME)
household at (YOUR ADDRESS), for you to spend in any way
you please! Which just goes to show you, (YOUR FIRST
NAME), that it pays to file the short form!"

The IRS wants you to use this form because it gets to keep most of your
money. So unless you have pond silt for brains, you want the long
form.
-- Dave Barry, "Sweating Out Taxes"
--
__
________________________________________creating IT solutions

Dr. Oliver Tennert
Senior Solutions Engineer
CAx Professional Services
science + computing ag
phone +49(0)7071 9457-598 Hagellocher Weg 71-75
fax +49(0)7071 9457-411 D-72070 Tuebingen, Germany
O.Tennert@xxxxxxxxxxxxxxxxxxxx www.science-computing.de



< Previous Next >
Follow Ups