[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: cryptsetup problem



On 3/06/2014 6:13 AM, Bzzz wrote:
> On Tue, 03 Jun 2014 06:07:31 +1000
> Andrew McGlashan <andrew.mcglashan@affinityvision.com.au> wrote:
> 
>> The problem with that is that you will only have crypted data
>> where you write data in the volume.  The rest will still be
>> zeroed ... better to have a fully crypted volume from first to
>> last byte, then there is no way for anybody to tell how much data
>> you've written and where it is or anything else that might be
>> interesting about the positioning of non zero data.
> 
> I know as the first thing I always do with my encrypted
> partitions if filling them with random data (haveged helps:)

Okay, but my understanding is that once you have a LUKS crypt volume
(with the right setup), it doesn't matter what data you write across the
whole volume, it will all be fully encrypted using your own specific
key.  There are weaker encryption choices that could be a problem with
repetitive data, but if done properly, repetitive data poses no threat
against the real data.

Cheers
A.


Reply to: