Re: Linux disk partition encryption
On Thu, Jan 27, 2011 at 03:06:39PM CET, Eduardo M KALINOWSKI <eduardo@kalinowski.com.br> said:
> On Qui, 27 Jan 2011, Celejar wrote:
> >>Now another question, which nobody seems to have noticed/mentioned.
> >>
> >>Since CBC encryption is a "recursive algorithm, the encryption of the n-th
> >>block requires the encryption of all preceding blocks, 0 till n-1." [1]
> >>Now, does it mean if my HD has a bad block in the middle, then all the
> >>remaining data will be gone entirely?
> >>
> >>1. http://clemens.endorphin.org/LinuxHDEncSettings
> >
> >This seems correct - Wikipedia also says that with CBC:
> >
> >"Note that a one-bit change in a plaintext affects all following
> >ciphertext blocks."
> >
> >http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29
>
> That is correct, but the whole disk is not one single CBC-encoded
> unity. The link in the question message says that:
>
> [...] CBC chaining is cut every sector and restarted with a new
> initialisation vector (IV), so we can encrypt sectors individually.
> The choice of the sector as smallest unit matches with the smallest
> unit of hard disks, where a sector is also atomic in terms of access.
>
> http://clemens.endorphin.org/LinuxHDEncSettings
take a look to the output of cryptsetup luksDump.
Here it says XTS-plain64 is used.
See http://en.wikipedia.org/wiki/Disk_encryption_theory for explanations on disk
encryption schemes.
CBC would be a very bad idea for random access and modification.
Reply to: