[dm-crypt] LUKS and LVM

Nicolas Bock nicolasbock at gmail.com
Sat Feb 19 20:12:04 CET 2011


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



On 02/19/11 12:08, Arno Wagner wrote:
>> Why use random data to overwrite? Shouldn't /dev/zero be enough since
>> the crypto should produce good randomness on disk?
> 
> It is only marginally slower this way and there may be issues
> with initialisation vectors in disk encryption. There are
> no that I know of with the current cryptsetup defaults. This
> is just a very cheap additional layer of protection.

Ah, thanks...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk1gFgQACgkQf15tZKyRylIGeQCdEzUOWrmcHbkHc6TmbFsrhTFI
5iAAn1kjrp+1DSHVH39h9naETPNi19Xq
=Ljq9
-----END PGP SIGNATURE-----


More information about the dm-crypt mailing list