[dm-crypt] Random fill

Heinz Diehl htd at fancy-poultry.org
Mon Aug 31 12:38:50 CEST 2009


On 31.08.2009, test532 at codingninjas.org wrote: 

> I agree with Rick that one should use /dev/urandom (instead of encryption) due 
> to the enabling of known plaintext attacks

Known plaintext attacks on what? On a bunch of zeroes?

After overwriting the whole partition using dmcrypt via /dev/zero, the
random key used will be deleted irrevocably, and the partition gets a brand new
setup of LUKS/dmcrypt, and it gets partially filled with "real" data. You haven't
even to use the same algorithm, hash or whatever. How should this lead to
a significantly better situation to attack the key/ciphertext?



More information about the dm-crypt mailing list