Date: Fri, 24 Mar 2006 18:12:46 -0500 (EST)
From: James Morris <jmorris@namei.org>
To: Michael Halcrow <mhalcrow@us.ibm.com>
cc: Andrew Morton <akpm@osdl.org>, phillip@hellewell.homeip.net,
       linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
       viro@ftp.linux.org.uk, mike@halcrow.us, mcthomps@us.ibm.com,
       yoder1@us.ibm.com, toml@us.ibm.com, emilyr@us.ibm.com,
       daw@cs.berkeley.edu
Subject: Re: eCryptfs Design Document
In-Reply-To: <20060324222517.GA13688@us.ibm.com>
Message-ID: <Pine.LNX.4.64.0603241757090.27964@excalibur.intercode>
References: <20060324222517.GA13688@us.ibm.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1106
Lines: 28

On Fri, 24 Mar 2006, Michael Halcrow wrote:

> initialization vector by taking the MD5 sum of the file encryption
> key; the root IV is the first N bytes of that MD5 sum, where N is the
> number of bytes constituting an initialization vector for the cipher
> being used for the file (it is worth noting that known plaintext
> attacks against the MD5 hash algorithm do not affect the security of
> eCryptfs, since eCryptfs only hashes secret values).

What about other attacks on MD5?  Hard coding it into the system makes me 
nervous, what about making this selectable?

> By default, eCryptfs selects AES-128. Later versions of eCryptfs will 
> allow the user to select the cipher and key length.

Also, what about making the encryption mode selectable, to at least allow 
for like LRW support in addition to CBC?


- James
-- 
James Morris
<jmorris@namei.org>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/