"Trei, Peter" <ptrei@rsasecurity.com> writes:
pgut001@cs.auckland.ac.nz[SMTP:pgut001@cs.auckland.ac.nz]
"Trei, Peter" <ptrei@rsasecurity.com> writes:
with a good distribution of IVs
Where would you store them? The feature of this is that it's fully transparent, so you can't store IVs anywhere.
I'm not really up on crypto file systems, but I beleive at least some use the sector address as the IV. IVs don't need to be random, secret, or unpredictable - they just need to be unrepeated. (I'm assuming sector-at-a- time encryption).
But the IV is repeated, every time you encrypt new data for that sector. You need to either store a random IV for each sector (usually infeasible) or make two passes over the data (details vary), using the output from pass 1 to affect pass 2 (slow).
* Some kind of PIN or password protection on the dongle.
How would you do this without a custom BIOS (remember that their general product is for dropping into any PC)?
We're talking about two different products. The ABIT is a MB, presumably with it's own custom BIOS, so that's not an issue there.
Customised, not custom. Think of it as a Chinese-menu type setup, it's a one- size-fits-all BIOS with appropriate modules compiled in for handling the CPU and chipset features. Now motherboard vendors can plug in their own feature modules, but it's a somewhat nontrivial option usually used only for highly marketable features (overclocking options, ability to re-flash from Windows, etc etc). Peter.