Re: safety of encrypted filesystems
* martin f. krafft:
> also sprach Florian Weimer <email@example.com> [2005.06.17.0848 +0200]:
>> These are *cipher* blocks, and they are chained only within
>> a *block device* block.
> Who guarantees that? If Cipherblock CB_x depends on CB_(x-1), then
> CB_last will indirectly depend on CB_first. If the data are large
> enough to span multiple block device blocks, damage to the beginning
> of the cipherfile makes the rest of the file unusable, no?
For each device block, a constant, block-specific IV is used. Device
blocks are not chained together. The block device doesn't know
anything about files, anyway.