Re: On-Disk Encryption and Data Integrity
- From: Kristian Gjøsteen <kristiag+news@xxxxxxxxxxxx>
- Date: Mon, 2 Feb 2009 07:56:06 +0000 (UTC)
Jeffrey Walton <noloader@xxxxxxxxx> wrote:
It seems GCM is probably not well suited
for file encryption
I don't think so. If you want to encrypt a reasonably-sized file,
GCM is probably fine even with moderately short tags (possibly even
64-96 bits, I haven't done any calculations). If the file is _huge_,
you should probably use a long tag, but then again, what's 128 bits
compared to several gigabyte?
and most likely not suited for whole disk
encryption (where a typical Microsoft installation is gigabytes).
It is obviously not suited for whole disk encryption. CBC mode is
only marginally better at that. Like I said, there are dedicated modes
for this.
--
Kristian Gjøsteen
.
- Follow-Ups:
- Re: On-Disk Encryption and Data Integrity
- From: Jeffrey Walton
- Re: On-Disk Encryption and Data Integrity
- References:
- Re: On-Disk Encryption and Data Integrity
- From: Jeffrey Walton
- Re: On-Disk Encryption and Data Integrity
- Prev by Date: Re: On-Disk Encryption and Data Integrity
- Next by Date: Re: The Simplest Overview of Recent Crypto System Claims.
- Previous by thread: Re: On-Disk Encryption and Data Integrity
- Next by thread: Re: On-Disk Encryption and Data Integrity
- Index(es):
Relevant Pages
|
