Re: [T(A)ILS-dev] Specification and security design document

Delete this message

Reply to this message
Autor: intrigeri
Data:  
A: The T\(A\)ILS public development discussion list
Assumpte: Re: [T(A)ILS-dev] Specification and security design document
Hi,

tim smy wrote (20 Dec 2010 22:20:27 GMT) :
> please consider loop-aes its far more secure that the others
> mentioned.


Any reference to support this please?

I must admit I entirely lost track of loop-aes once the watermarking
and replaying issues it fixed far before dm-crypt were fixed in the
later as well (thanks to the LRW cipher mode IIRC). Most LRW issues
have been fixed by XTS. It makes me think we should review the default
cipher mode used by the tools we ship (cryptsetup, gnome-disk-utility
in Squeeze, luksformat).

Also, I do not think we absolutely want to use the "more secure" in
any category. If LUKS / cryptsetup / dm-crypt is secure enough for our
threat model, then I think its pretty good integration in Debian and
in modern desktop environments makes it the best tool for T(A)ILS to
support.

Bye,
--
intrigeri <intrigeri@???>
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr-fingerprint.asc
| The impossible just takes a bit longer.