[dm-crypt] Random fill
Heinz Diehl
htd at fancy-poultry.org
Mon Aug 31 12:38:50 CEST 2009
On 31.08.2009, test532 at codingninjas.org wrote:
> I agree with Rick that one should use /dev/urandom (instead of encryption) due
> to the enabling of known plaintext attacks
Known plaintext attacks on what? On a bunch of zeroes?
After overwriting the whole partition using dmcrypt via /dev/zero, the
random key used will be deleted irrevocably, and the partition gets a brand new
setup of LUKS/dmcrypt, and it gets partially filled with "real" data. You haven't
even to use the same algorithm, hash or whatever. How should this lead to
a significantly better situation to attack the key/ciphertext?
More information about the dm-crypt
mailing list