2009-08-06 17:07:49

by Stelios Bounanos

Subject: Re: cryptsetup with arc4 cipher

>>>>> On Thu, 06 Aug 2009 09:46:59 +0200, Milan Broz <[email protected]> said:

> Sebastian Andrzej Siewior wrote:
>> Don't use this as a block cipher in dm-crypt, it is a bad idea.
>>
>> The long story:
>> ARC4 is a stream cipher and not a block cipher. Its internal state is
>> reset in setkey() and every crypto request (encrypt/decrypt doesn't
>> matter) updates the internal state of the stream cipher. That's why you
>> get a different result every time you read the same block.
>>
>> If you want to use this stream cipher in dm-crypt you would have to
>> set it up in ECB mode and use a key like "passphrase-IV". You have to
>> set this key before a request and wait until it's done before you
>> issue another crypto request (which includes setkey).

Thanks for the explanation. I do know that arc4 is a stream cipher, but
the contents of /proc/crypto and the fact that luksOpen succeeds both
suggest that it can be used somehow.

> Yes, I understand why this happens. I do not want to use a stream cipher,
> but apparently users will do that :-)

I did not really plan to use arc4, except to verify a surprising speed
test result seen elsewhere.

> My question was why crypto allows this setting.
> Or maybe what to do in dm-crypt to not allow the user to set such a cipher
> mapping (because it cannot produce anything useful).

> IMHO it will not work even in ECB mode here for dm-crypt.
> (also dm-crypt uses its own IV function generators, but that is another story)

>> CBC will not work because one of its requirements is that the cipher
>> provides an inverse function which ARC4 simply does not have.

> Again, why does the crypto API allow it to be used and not produce an error then?

Yes, if arc4 is only used for WEP perhaps the crypto API should emit an
error earlier so that "cryptsetup luksOpen" fails.


--

Stelios Bounanos
perl -e 'print+reverse"t\nney.ttno\@esb"=~/(..)/sg' #key: 0xE88A7F61
_______________________________________________
dm-crypt mailing list
[email protected]
http://www.saout.de/mailman/listinfo/dm-crypt
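
The behaviour described in the quoted explanation above, as an added C example that is not part of the thread and is not the kernel's arc4 code: a minimal user-space RC4 whose state persists across requests, comparing a key set once with a key set before every request. The key string "passphrase-0" (standing in for "passphrase-IV"), the block contents and the helper `read_block_twice` are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Stateful RC4: setkey resets the state, every crypt call advances it. */
struct arc4_ctx { uint8_t S[256]; uint8_t i, j; };
static void arc4_setkey(struct arc4_ctx *c, const uint8_t *key, size_t klen)
{
    uint8_t j = 0;
    for (int k = 0; k < 256; k++) c->S[k] = (uint8_t)k;
    for (int k = 0; k < 256; k++) {
        j = (uint8_t)(j + c->S[k] + key[k % klen]);
        uint8_t t = c->S[k]; c->S[k] = c->S[j]; c->S[j] = t;
    }
    c->i = c->j = 0;
}

/* Encrypt and decrypt are the same operation: XOR with the next keystream bytes. */
static void arc4_crypt(struct arc4_ctx *c, uint8_t *out, const uint8_t *in, size_t len)
{
    for (size_t n = 0; n < len; n++) {
        c->i = (uint8_t)(c->i + 1);
        c->j = (uint8_t)(c->j + c->S[c->i]);
        uint8_t t = c->S[c->i]; c->S[c->i] = c->S[c->j]; c->S[c->j] = t;
        out[n] = in[n] ^ c->S[(uint8_t)(c->S[c->i] + c->S[c->j])];
    }
}

/* Write one block, read it twice; rekey=1 sets the key before every request.
 * Result bits: 1 = read 1 is the plaintext, 2 = read 2 is, 4 = both reads agree. */
static int read_block_twice(int rekey)
{
    const uint8_t key[] = "passphrase-0";        /* constructed per-block key */
    const uint8_t plain[16] = "sector contents"; /* constructed block contents */
    uint8_t disk[16], r1[16], r2[16];
    struct arc4_ctx c;
    arc4_setkey(&c, key, sizeof(key) - 1);
    arc4_crypt(&c, disk, plain, sizeof(plain));          /* write */
    if (rekey) arc4_setkey(&c, key, sizeof(key) - 1);
    arc4_crypt(&c, r1, disk, sizeof(disk));              /* first read */
    if (rekey) arc4_setkey(&c, key, sizeof(key) - 1);
    arc4_crypt(&c, r2, disk, sizeof(disk));              /* second read */
    return (!memcmp(r1, plain, 16)) | ((!memcmp(r2, plain, 16)) << 1) | ((!memcmp(r1, r2, 16)) << 2);
}

int main(void)
{
    printf("key set once: %d, key set per request: %d\n", read_block_twice(0), read_block_twice(1));
    return 0;
}
```

With the key set once, both reads return garbage and disagree with each other; with the key set before every request, both reads return the stored plaintext.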


2009-08-08 03:10:45

by Herbert Xu

Subject: Re: [dm-crypt] cryptsetup with arc4 cipher

Stelios Bounanos <[email protected]> wrote:
>
>> Again, why does the crypto API allow it to be used and not produce an error then?
>
> Yes, if arc4 is only used for WEP perhaps the crypto API should emit an
> error earlier so that "cryptsetup luksOpen" fails.

I'm going to fix arc4 so that this "random" behaviour does not
occur. However, that is not to say that it is a good idea to
use arc4 for disk encryption.

Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu 许志壬 <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt