[dm-crypt] LUKS and LVM
Nicolas Bock
nicolasbock at gmail.com
Sat Feb 19 20:12:04 CET 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 02/19/11 12:08, Arno Wagner wrote:
>> Why use random data to overwrite? Shouldn't /dev/zero be enough since
>> the crypto should produce good randomness on disk?
>
> It is only marginally slower this way and there may be issues
> with initialisation vectors in disk encryption. There are
> no that I know of with the current cryptsetup defaults. This
> is just a very cheap additional layer of protection.
Ah, thanks...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk1gFgQACgkQf15tZKyRylIGeQCdEzUOWrmcHbkHc6TmbFsrhTFI
5iAAn1kjrp+1DSHVH39h9naETPNi19Xq
=Ljq9
-----END PGP SIGNATURE-----
More information about the dm-crypt
mailing list