encrypted root filesystem
bet at rahul.net
Tue Feb 24 06:25:50 PST 2004
2004-02-23T17:43:06 Ian Molton:
> I remain unconvinced. encrypting an entire filesystem gives you
> loads of known plaintext (and binaries, potentially).
Known plaintext (and even stronger, chosen plaintext) are attacks
against which a cryptosystem must be completely robust for it to be
considered a good one. Amateur efforts often fail this. But
something as simple as a good passphrase used as the key for a good
block cypher (e.g. AES) has no problems with known plaintext.
> I havent seen a problem yet that isn't better solved by
> application level crypto.
Then you may not have dealt much with normal users with their normal
feelings about any tradeoff that has "convenience" on one side of
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
More information about the hlfs-dev