Hello,

--- Joseph Ashwood <ashwood@msn.com> wrote:
Without the introduction of another key it is impossible to improve on the security proof of CBC, so what they've done is introduce a method of obfuscation that they hope will not be broken, but breaking it will not affect the security of CBC mode in any way, simply because if it did break AES-CBC, an attacker could apply it themself quite cheaply. The proof basically boils down to: it's CBC, attacker loses.

Joe

Did a search and found this. Bruce Schneier's article suggests that BitLocker be used without the diffusers. As you have mentioned, chaining with CBC looks good enough.

http://www.schneier.com/blog/archives/2006/05/bitlocker.html

Encryption particulars: The default data encryption algorithm is AES-128-CBC with an additional diffuser. The diffuser is designed to protect against ciphertext-manipulation attacks, and is independently keyed from AES-CBC so that it cannot damage the security you get from AES-CBC. Administrators can select the disk encryption algorithm through group policy. Choices are 128-bit AES-CBC plus the diffuser, 256-bit AES-CBC plus the diffuser, 128-bit AES-CBC, and 256-bit AES-CBC. (My advice: stick with the default.)

--- cyphrpunk <cyphrpunk@gmail.com> wrote:
An anonymous message was sent to the list on September 7 which outlined Vista's TPM use and discussed some security implications.

http://www.ukhackers.com/story/?id=7616

This must be it :-)

Thank you,
Sarad.