[dm-crypt] using a salt for encrypting blocks

Milan Broz mbroz at redhat.com
Tue Dec 28 12:03:26 CET 2010

On 12/28/2010 09:29 AM, octane indice wrote:
> En réponse à Arno Wagner <arno at wagner.name> :
>> The anzwer is actually no. As changed information has to be 
>> written to diek, an attacker can allways tell when a sector 
>> is changed.
> My idea is to cipher _all_ blocks by changing the salt.

You forgot one fundamental thing.

If an attacker can do snapshots in time (IOW he can read the cipher
text device after user performed some changes) he has either
physical access to the system or he has administrator permissions.

This allows more powerfull attacks already (installing keylogger,
modifying kernel, bios, ...).

If an attacker has such access nothing will help you.
The chain is weaker somewhere else here.

> not so much, depending on how much data you cipher.
> I use files of less than 100Mbytes and cipher them. On
> close, a full recipher wouldn't take long.

Then use encryption on filesystem level (e.g. with CTR mode, iow
stream mode) and not sector level block device encryption.


More information about the dm-crypt mailing list