encrypted root filesystem
devine at iie.cnam.fr
Tue Feb 24 07:28:02 PST 2004
Ian Molton <spyro at f2s.com> wrote:
> > No, they're not. You should be ashamed of yourself for posting such a
> > comment.
> I remain unconvinced. encrypting an entire filesystem gives you loads of
> known plaintext (and binaries, potentially).
This is right. However even with 2^64 known plaintext/ciphertext couples,
cryptographers are unable to crack the key used to encrypt the media. At
the moment, the best attack method we know is by brute-forcing the keyspace,
which cannot be achieved: there simply isn't enough computing power in the
whole universe to crack an AES-128 key by brute force.
More information about the hlfs-dev