Hi,
On Fri, Oct 30, 2020 at 12:33 PM Milan Broz <[email protected]> wrote:
>
> On 29/10/2020 11:05, Gilad Ben-Yossef wrote:
> >
> > +config CRYPTO_EBOIV
> > + tristate "EBOIV support for block encryption"
> > + default DM_CRYPT
> > + select CRYPTO_CBC
> > + help
> > + Encrypted byte-offset initialization vector (EBOIV) is an IV
> > + generation method that is used in some cases by dm-crypt for
> > + supporting the BitLocker volume encryption used by Windows 8
> > + and onwards as a backwards compatible version in lieu of XTS
> > + support.
> > +
> > + It uses the block encryption key as the symmetric key for a
> > + block encryption pass applied to the sector offset of the block.
> > + Additional details can be found at
> > + https://www.jedec.org/sites/default/files/docs/JESD223C.pdf
>
> This page is not available. Are you sure this is the proper documentation?
You need to register at the JEDEC web site to get the PDF. The
registration is free though.
It's the only standard I am aware of that describe this mode, as
opposed to a paper.
>
> I think the only description we used (for dm-crypt) was original Ferguson's Bitlocker doc:
> https://download.microsoft.com/download/0/2/3/0238acaf-d3bf-4a6d-b3d6-0a0be4bbb36e/bitlockercipher200608.pdf
Yes, the JEDEC has a reference to that as well, but the white paper
doesn't actually describe the option without the diffuser.
>
> IIRC EBOIV was a shortcut I added to dm-crypt because we found no official terminology for this IV.
> And after lunchtime, nobody invented anything better, so it stayed as it is now :-)
Well, I still don't have any better name to offer, LOL :-)
Gilad
--
Gilad Ben-Yossef
Chief Coffee Drinker
values of β will give rise to dom!