[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Linux disk partition encryption

On Thu, 27 Jan 2011 12:06:39 -0200
Eduardo M KALINOWSKI <eduardo@kalinowski.com.br> wrote:

> On Qui, 27 Jan 2011, Celejar wrote:
> >> Now another question, which nobody seems to have noticed/mentioned.
> >>
> >> Since CBC encryption is a "recursive algorithm, the encryption of the n-th
> >> block requires the encryption of all preceding blocks, 0 till n-1." [1]
> >> Now, does it mean if my HD has a bad block in the middle, then all the
> >> remaining data will be gone entirely?
> >>
> >> 1. http://clemens.endorphin.org/LinuxHDEncSettings
> >
> > This seems correct - Wikipedia also says that with CBC:
> >
> > "Note that a one-bit change in a plaintext affects all following
> > ciphertext blocks."
> >
> > http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29
> 
> That is correct, but the whole disk is not one single CBC-encoded  
> unity. The link in the question message says that:
> 
> [...] CBC chaining is cut every sector and restarted with a new  
> initialisation vector (IV), so we can encrypt sectors individually.  
> The choice of the sector as smallest unit matches with the smallest  
> unit of hard disks, where a sector is also atomic in terms of access.
> 
> http://clemens.endorphin.org/LinuxHDEncSettings

Ah, ok.  Thanks.
Celejar
-- 
foffl.sourceforge.net - Feeds OFFLine, an offline RSS/Atom aggregator
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator
Reply to: