From: Stelios Bounanos
Subject: Re: cryptsetup with arc4 cipher
Date: Thu, 06 Aug 2009 18:07:49 +0100
Message-ID: <87iqh050re.wl@obsidian.enotty.net>
References: <87zlaf3zl0.wl@obsidian.enotty.net> <4A7984A7.40109@redhat.com> <20090805203017.GA5875@Chamillionaire.breakpoint.cc> <4A7A8A73.706@redhat.com>
In-Reply-To: <4A7A8A73.706-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
To: Milan Broz
Cc: dm-crypt-4q3lyFh4P1g@public.gmane.org, Sebastian Andrzej Siewior, linux-crypto-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
List-Id: linux-crypto.vger.kernel.org

>>>>> On Thu, 06 Aug 2009 09:46:59 +0200, Milan Broz said:

> Sebastian Andrzej Siewior wrote:
>> Don't use this as a block cipher in dm-crypt, it is a bad idea.
>>
>> The long story:
>> ARC4 is a stream cipher and not a block cipher. Its internal state is
>> reset in setkey() and every crypto request (encrypt/decrypt doesn't
>> matter) updates the internal state of the stream cipher. That's why you
>> get a different result every time you read the same block.
>>
>> If you want to use this stream cipher in dm-crypt you would have to
>> set it up in ECB mode and use a key like "passphrase-IV". You have to
>> set this key before a request and wait until it is done before you
>> issue another crypto request (which includes setkey).

Thanks for the explanation. I do know that arc4 is a stream cipher, but
the contents of /proc/crypto and the fact that luksOpen succeeds both
suggest that it can be used somehow.

> yes, I understand why this happens. I do not want to use a stream cipher,
> but apparently users will do that:-)

I did not really plan to use arc4, except to verify a surprising speed
test result seen elsewhere.

> My question was why crypto allows this setting?
> Or maybe what to do in dm-crypt to not allow users to set such a cipher
> mapping (because it cannot produce anything useful).
> IMHO it will not work even in ECB mode here for dm-crypt.
> (also dm-crypt uses its own IV function generators, but it is another story)

>> CBC will not work because one of its requirements is that the cipher
>> provides an inverse function which ARC4 simply does not have.

> Again, why does the crypto API allow using it and not produce an error then?

Yes, if arc4 is only used for WEP perhaps the crypto API should emit an
error earlier so that "cryptsetup luksOpen" fails.

-- 
Stelios Bounanos
perl -e 'print+reverse"t\nney.ttno\@esb"=~/(..)/sg' #key: 0xE88A7F61

_______________________________________________
dm-crypt mailing list
dm-crypt-4q3lyFh4P1g@public.gmane.org
http://www.saout.de/mailman/listinfo/dm-crypt
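The behaviour Sebastian describes above, as an added example that is not part of the thread, of dm-crypt or of the kernel crypto API: a userspace model of ARC4 whose state is reset only in setkey() and advanced by every request. With one long-lived key, writing the same sector twice gives two different ciphertexts, and a read after a write does not return the plaintext, because the read XORs with the next keystream bytes rather than the ones the write used. The "set the key before every request" workaround from the thread is modelled by re-keying with passphrase plus sector number, which makes the output deterministic and decryptable. The key layout (passphrase bytes followed by the 64-bit little-endian sector number), the shortened 16-byte "sector" and the sample passphrase are assumptions made for the demo; the point of the thread stands, this construction is shown only to make the mechanism visible, not as something to deploy.

```c
/*
 * Added example (not from the thread, dm-crypt or the kernel crypto API):
 * a userspace model of why a stateful stream cipher such as ARC4 cannot
 * serve as a dm-crypt sector cipher, and what the "re-key before every
 * request with a passphrase-IV key" workaround from the thread looks like.
 */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SECTOR 16   /* shortened "sector" for the demo; real sectors are 512 bytes */

typedef struct { uint8_t S[256]; uint8_t i, j; } rc4_state;

/* KSA: (re)initialises the permutation from the key; this is the setkey() step. */
static void rc4_setkey(rc4_state *st, const uint8_t *key, size_t keylen)
{
    uint8_t j = 0;
    for (int k = 0; k < 256; k++) st->S[k] = (uint8_t)k;
    for (int k = 0; k < 256; k++) {
        uint8_t t;
        j = (uint8_t)(j + st->S[k] + key[k % keylen]);
        t = st->S[k]; st->S[k] = st->S[j]; st->S[j] = t;
    }
    st->i = st->j = 0;
}

/* PRGA: every call advances (i, j, S), so the state after a request differs
 * from the state before it. Encrypt and decrypt are the same XOR operation;
 * there is no separate inverse function, which is what CBC would need. */
static void rc4_crypt(rc4_state *st, const uint8_t *in, uint8_t *out, size_t len)
{
    for (size_t n = 0; n < len; n++) {
        uint8_t t;
        st->i = (uint8_t)(st->i + 1);
        st->j = (uint8_t)(st->j + st->S[st->i]);
        t = st->S[st->i]; st->S[st->i] = st->S[st->j]; st->S[st->j] = t;
        out[n] = in[n] ^ st->S[(uint8_t)(st->S[st->i] + st->S[st->j])];
    }
}

/* Constructed demo inputs (assumed values, not from the thread). */
static const uint8_t passphrase[] = "correct horse battery staple";
static const uint8_t sector_plain[SECTOR] = "dm-crypt sector";   /* 15 chars + NUL */

/* Case 1: one long-lived key, i.e. a single setkey() for the whole device.
 * Returns 1 if writing the same sector twice yields two different ciphertexts. */
int stateful_same_block_differs(void)
{
    rc4_state st;
    uint8_t c1[SECTOR], c2[SECTOR];
    rc4_setkey(&st, passphrase, sizeof passphrase - 1);
    rc4_crypt(&st, sector_plain, c1, SECTOR);   /* first write of the sector */
    rc4_crypt(&st, sector_plain, c2, SECTOR);   /* second write: keystream has moved on */
    return memcmp(c1, c2, SECTOR) != 0;
}

/* Case 2: write, then read the same sector through the shared state.
 * Returns 1 if the read does NOT give the plaintext back. */
int stateful_read_does_not_roundtrip(void)
{
    rc4_state st;
    uint8_t c[SECTOR], p[SECTOR];
    rc4_setkey(&st, passphrase, sizeof passphrase - 1);
    rc4_crypt(&st, sector_plain, c, SECTOR);    /* write */
    rc4_crypt(&st, c, p, SECTOR);               /* read: XORs with the *next* keystream bytes */
    return memcmp(p, sector_plain, SECTOR) != 0;
}

/* Case 3: the workaround sketched in the thread, re-keying per request.
 * Key layout (passphrase || 64-bit little-endian sector number) is an
 * assumption for the demo. setkey() resets the state, so identical
 * requests on the same sector now produce identical output. */
static void rekeyed_crypt(uint64_t sector, const uint8_t *in, uint8_t *out)
{
    uint8_t key[sizeof passphrase - 1 + 8];
    rc4_state st;
    memcpy(key, passphrase, sizeof passphrase - 1);
    for (int b = 0; b < 8; b++)
        key[sizeof passphrase - 1 + b] = (uint8_t)(sector >> (8 * b));
    rc4_setkey(&st, key, sizeof key);           /* setkey before every request */
    rc4_crypt(&st, in, out, SECTOR);
}

/* Returns 1 if re-keyed encryption is deterministic and round-trips. */
int rekeyed_sector_roundtrips(void)
{
    uint8_t c1[SECTOR], c2[SECTOR], p[SECTOR];
    rekeyed_crypt(7, sector_plain, c1);
    rekeyed_crypt(7, sector_plain, c2);
    rekeyed_crypt(7, c1, p);
    return memcmp(c1, c2, SECTOR) == 0 && memcmp(p, sector_plain, SECTOR) == 0;
}

int main(void)
{
    printf("stateful: same block differs      = %d\n", stateful_same_block_differs());
    printf("stateful: read returns plaintext  = %d\n", !stateful_read_does_not_roundtrip());
    printf("rekeyed:  deterministic+roundtrip = %d\n", rekeyed_sector_roundtrips());
    return 0;
}
```

Case 2 is the symptom reported in the thread ("a different result every time you read the same block"): nothing is corrupted, the cipher is simply being asked for keystream positions that do not correspond to the sector. Case 3 only works because each request starts from a freshly keyed state and is never interleaved with another, which is the serialisation constraint Sebastian points out and which dm-crypt's normal request path does not provide.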