Mailinglist Archive: opensuse (3337 mails)

< Previous Next >
Re: [opensuse] cryptoloop
  • From: Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006@xxxxxxx>
  • Date: Fri, 21 Apr 2006 19:41:49 +0200
  • Message-id: <4449195D.5010005@xxxxxxx>
Oliver Tennert schrieb:
> On Fri, 21 Apr 2006, Henne Vogelsang wrote:
>>>The advantage you get however if you switch to dm-crypt is: actively
>>>maintained code plus additional features and enhanced security.
>>In reality dm-crypt is as maintained as cryptoloop
> Is it? I just have a look at cryptoloop.c and see the latest changes are
> dated 2003.

Not correct. Last change in drivers/block/cryptoloop.c happended 2005-09-02
by Herbert Xu. That one however was not crypto related. On the other hand,
the last change in drivers/md/dm-crypt.c happened 2006-03-27 by Andrew Morton.
Much more notable is that dm-crypt always leaked its key, a bug that was
only fixed in January 2006. Such a bug is obviously not a sign of quality.
And I wouldn't describe "always leaking the key" as enhanced security either.
But it surely is an additionaly feature from the attacker's point of view.


< Previous Next >
Follow Ups