Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1750961AbWC0QRx (ORCPT ); Mon, 27 Mar 2006 11:17:53 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1750968AbWC0QRx (ORCPT ); Mon, 27 Mar 2006 11:17:53 -0500 Received: from xproxy.gmail.com ([66.249.82.199]:27964 "EHLO xproxy.gmail.com") by vger.kernel.org with ESMTP id S1750960AbWC0QRu convert rfc822-to-8bit (ORCPT ); Mon, 27 Mar 2006 11:17:50 -0500 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=W5ba2bvtvWFfzalPa67HesYWbhzsw0Zgl4dYhH7B7+Q6dFmADjLn4LhO4yEQ+Ve/qdOgX+vpqxAUfAWGixXlTIoHEkv63T5+xIgwhQHjpvR45hlAOvxwqbgV+GoMvUYRFNMn0lyG6KBsYQXtJ+FQaU8tj45QaWqq/yYp/ltwTQg= Message-ID: Date: Mon, 27 Mar 2006 10:17:48 -0600 From: "Michael Thompson" To: "James Morris" Subject: Re: eCryptfs Design Document Cc: "Michael Halcrow" , "Andrew Morton" , phillip@hellewell.homeip.net, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, viro@ftp.linux.org.uk, mike@halcrow.us, mcthomps@us.ibm.com, yoder1@us.ibm.com, toml@us.ibm.com, emilyr@us.ibm.com, daw@cs.berkeley.edu In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7BIT Content-Disposition: inline References: <20060324222517.GA13688@us.ibm.com> Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1716 Lines: 37 On 3/24/06, James Morris wrote: > On Fri, 24 Mar 2006, Michael Halcrow wrote: > > > initialization vector by taking the MD5 sum of the file encryption > > key; the root IV is the first N bytes of that MD5 sum, where N is the > > number of bytes constituting an initialization vector for the cipher > > being used for the file (it is worth noting that known plaintext > > attacks against the MD5 hash algorithm do not affect the security of > > eCryptfs, since eCryptfs only hashes secret values). > > What about other attacks on MD5? Hard coding it into the system makes me > nervous, what about making this selectable? > > > By default, eCryptfs selects AES-128. Later versions of eCryptfs will > > allow the user to select the cipher and key length. > > Also, what about making the encryption mode selectable, to at least allow > for like LRW support in addition to CBC? These are part of the eCryptfs roadmap. I'm not sure when we are planning to incorperate the functionality to select your hash and cipher (I believe its 0.2 or 0.3), but we have experimented with this and have had success doing so. The code is not included in 0.1 due to lack of testing and conflict with our mental model of the releases. Should this functionality be high desired / required, I see no reason why it can't be added, but Mike Halcrow and Phillip need to weight in on this too :) -- Michael C. Thompson Software-Engineer, IBM LTC Security - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/