Secure IDE? (fwd)

Mike Rosing eresrch at eskimo.com
Sat Aug 2 21:01:47 PDT 2003 

Forwarded by request.

---------- Forwarded message ----------

sector address as the IV. IVs don't need to be
 random, secret, or
unpredictable - they just need to be unrepeated.
 (I'm
 assuming
 sector-at-a-
time encryption).



If the IV is not a secret how are we going to prevent
block replay attacks on cipher text?


Regards Sarath.




 --- Peter Gutmann <pgut001 at cs.auckland.ac.nz> wrote:
 > "Trei, Peter" <ptrei at rsasecurity.com> writes:
 >

pgut001 at cs.auckland.ac.nz[SMTP:pgut001 at cs.auckland.ac.nz]
 > >>"Trei, Peter" <ptrei at rsasecurity.com> writes:
 > >>>with a good distribution of IVs
 > >>
 > >>Where would you store them?  The feature of this
 > is that it's fully
 > >>transparent, so you can't store IVs anywhere.
 > >
 > >I'm not really up on crypto file systems, but I
 > beleive at least some use the
 > >sector address as the IV. IVs don't need to be
 > random, secret, or
 > >unpredictable - they just need to be unrepeated.
 > (I'm assuming sector-at-a-
 > >time encryption).
 >
 > But the IV is repeated, every time you encrypt new
 > data for that sector.  You
 > need to either store a random IV for each sector
 > (usually infeasible) or make
 > two passes over the data (details vary), using the
 > output from pass 1 to
 > affect pass 2 (slow).
 >
 > >>>* Some kind of PIN or password protection on
 the
 > dongle.
 > >>
 > >>How would you do this without a custom BIOS
 > (remember that their general
 > >>product is for dropping into any PC)?
 > >
 > >We're talking about two different products. The
 > ABIT is a MB, presumably with
 > >it's own custom BIOS, so that's not an issue
 there.
 >
 > Customised, not custom.  Think of it as a
 > Chinese-menu type setup, it's a one-
 > size-fits-all BIOS with appropriate modules
 compiled
 > in for handling the CPU
 > and chipset features.  Now motherboard vendors can
 > plug in their own feature
 > modules, but it's a somewhat nontrivial option
 > usually used only for highly
 > marketable features (overclocking options, ability
 > to re-flash from Windows,
 > etc etc).
 >
 > Peter.
 >

>
> __________________________________
> Do you Yahoo!?
> Yahoo! SiteBuilder - Free, easy-to-use web site
> design software
> http://sitebuilder.yahoo.com


__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com

More information about the cypherpunks-legacy mailing list