[dm-devel] my encryption
Erik Tews
erik at debian.franken.de
Mon Oct 20 12:01:01 UTC 2003
On Sun, Oct 19, 2003 at 09:56:45PM +0200, jon at kollegiegaarden.dk wrote:
> > > > > It doesnt shuffle the sectors arround
> > > >
> > > > Does this really provide more security ?
> > >
> > > Maybe, i'm not a cryptoanalyser, but GBDE does this, and i think they
> > > do it for a reason. The idea is that you can attack the encryption if
> > > you have "known plaintext", and a filesystem stores known meta data
> > > at a known location.
> >
> > This is correct, I think this is a fine idea, if the blocks a big enough
> > that this will not make the disk seek all the day.
>
> i'm not aware of how big blocks that GBDE uses.
Usually, filesystems will try to save files with all sectors together in
one line. If you use for example 512 byte blocks and shuffle them all
over the disk, you will perhaps get less then 10% as usual while reading
a file.
If you use 4 mb blocks like lvm does it (in old versions) you won't
notice anything.
More information about the dm-devel
mailing list