also sprach Alexander Zangerl <az@bond.edu.au> [2005.06.17.0915 +0200]: > no, this is subtly wrong. the *encrypted* block affects the decryption of the > block following it, not the cleartext block. > > one dead block spills junk all over the block+1 when decrypted, > but the (undamaged) encrypted block+1 is used to decrypt block+2 and > so on. Ah, yeah, this makes perfect sense. I *knew* it even. I simply failed to see the big picture. So encrypted block devices are not really more dangerous than clear-text in the end... I suppose with AES you end up losing at least 64 bytes of data, which could be less without encryption... -- Please do not send copies of list mail to me; I read the list! .''`. martin f. krafft <madduck@debian.org> : :' : proud Debian developer, admin, user, and author `. `'` `- Debian - when you have better things to do than fixing a system Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver! always remember you're unique, just like everyone else.
Attachment:
signature.asc
Description: Digital signature