Re: GELI - disk encryption for FreeBSD - review request.
From: Joseph Ashwood (ashwood_at_msn.com)
Date: 07/29/05
- Next message: Walter Roberson: "Re: Barcode Email"
- Previous message: Bryan Olson: "Re: Multiple Encryption (was a lot of things)"
- In reply to: Andrew Swallow: "Re: GELI - disk encryption for FreeBSD - review request."
- Next in thread: Andrew Swallow: "Re: GELI - disk encryption for FreeBSD - review request."
- Reply: Andrew Swallow: "Re: GELI - disk encryption for FreeBSD - review request."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 29 Jul 2005 11:27:06 GMT
"Andrew Swallow" <am.swallow@btopenworld.com> wrote in message
news:dcc4na$7p1$1@nwrdmz03.dmz.ncs.ea.ibs-infra.bt.com...
> Joseph Ashwood wrote:
[use entropy collection]
> Entropy collection quickly runs into practical problems.
> For a disk being written to 50 times a second
> 50 * 24 = 1200 bits of entropy per second.
>
> Servers frequently do not even have a mouse to wave around.
> There may be sufficient entropy to change the second key
> variable every time you power up.
That could pose a problem. I'm not entirely certain of the real
requirements, I haven't given those much investigation, for examination I
had simply assumed an infinite number of purely entropic bits were easily
available. I'm sure there's some compromise between pure entropy and CTR
mode that will be secure.
Joe
- Next message: Walter Roberson: "Re: Barcode Email"
- Previous message: Bryan Olson: "Re: Multiple Encryption (was a lot of things)"
- In reply to: Andrew Swallow: "Re: GELI - disk encryption for FreeBSD - review request."
- Next in thread: Andrew Swallow: "Re: GELI - disk encryption for FreeBSD - review request."
- Reply: Andrew Swallow: "Re: GELI - disk encryption for FreeBSD - review request."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
