From: Milan Broz <mbroz@redhat.com>
To: Sebastian Andrzej Siewior <linux-crypto@ml.breakpoint.cc>
Cc: dm-crypt@saout.de, Stelios Bounanos <sb-lst@enotty.net>,
linux-crypto@vger.kernel.org
Subject: Re: [dm-crypt] cryptsetup with arc4 cipher
Date: Thu, 06 Aug 2009 09:46:59 +0200
Message-ID: <4A7A8A73.706@redhat.com>
In-Reply-To: <20090805203017.GA5875@Chamillionaire.breakpoint.cc>
Sebastian Andrzej Siewior wrote:
> Don't use this as a block cipher in dm-crypt, it is a bad idea.
>
> The long story:
> ARC4 is a stream cipher and not a block cipher. Its internal state is
> reset in setkey() and every crypto request (encrypt/decrypt doesn't
> matter) updates the internal state of the stream cipher. That's why you
> get a different result every time you read the same block.
>
> If you want to use this stream cipher in dm-crypt you would have to
> set it up in ECB mode and use a key like "passphrase-IV". You have to
> set this key before a request and wait until it's done before you
> issue another crypto request (which includes setkey).

Yes, I understand why this happens. I do not want to use a stream cipher,
but apparently users will do that :-)

My question was why crypto allows this setting?
Or maybe what to do in dm-crypt to not allow users to set such a cipher
mapping (because it cannot produce anything useful).

IMHO it will not work even in ECB mode here for dm-crypt.
(Also dm-crypt uses its own IV function generators, but that is another story.)

> CBC will not work because one of its requirements is that the cipher
> provides an inverse function which ARC4 simply does not have.

Again, why does the crypto API allow using it and not produce an error then?

Milan
--
mbroz@redhat.com
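The behaviour Sebastian describes, shown as an added Python demonstration that is not code from this thread or from the kernel crypto API: a pure-Python RC4 (checked against the public "Key"/"Plaintext" test vector) stands in for the kernel's arc4 cipher. One long-lived cipher object, as dm-crypt would hold after a single setkey(), gives two different ciphertexts for two reads of the same "sector" because the keystream position advanced between requests. Re-keying with passphrase concatenated with a per-sector IV before every request (the "passphrase-IV" workaround) restores determinism and lets the same operation decrypt. The 16-byte sector size and the sector-number IV are constructed for the demo, not dm-crypt's real parameters.

```python
# Added example: why a stream cipher breaks random-access sector encryption.
# RC4 implemented from the public algorithm description; not kernel code.


def rc4_ksa(key: bytes) -> list:
    """Key-scheduling algorithm: permutation S derived from the key (setkey)."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    return S


class RC4:
    """Stream cipher object with persistent state, like a kernel tfm after setkey()."""

    def __init__(self, key: bytes):
        self.S = rc4_ksa(key)
        self.i = 0
        self.j = 0

    def crypt(self, data: bytes) -> bytes:
        """XOR data with the next keystream bytes; state (i, j, S) advances."""
        S = self.S
        out = bytearray()
        for b in data:
            self.i = (self.i + 1) & 0xFF
            self.j = (self.j + S[self.i]) & 0xFF
            S[self.i], S[self.j] = S[self.j], S[self.i]
            out.append(b ^ S[(S[self.i] + S[self.j]) & 0xFF])
        return bytes(out)


SECTOR = 16  # constructed demo sector size (real dm-crypt sectors are 512 bytes)


def read_same_sector_twice(key: bytes, sector_data: bytes):
    """One setkey(), two requests for the same sector: the second request
    consumes the next keystream segment, so the results differ."""
    tfm = RC4(key)
    first = tfm.crypt(sector_data)
    second = tfm.crypt(sector_data)
    return first, second


def rekeyed_sector_crypt(passphrase: bytes, sector_no: int, data: bytes) -> bytes:
    """The 'passphrase-IV' workaround: fresh setkey() with passphrase||IV for
    every request. Encrypt and decrypt are the same XOR, so calling this
    twice on the same sector returns the original data."""
    iv = sector_no.to_bytes(8, "little")  # constructed plain sector-number IV
    return RC4(passphrase + iv).crypt(data)


if __name__ == "__main__":
    a, b = read_same_sector_twice(b"Key", b"Plaintext")
    print("same tfm, same data:", a.hex(), b.hex(), "equal?", a == b)
    payload = b"sector payload!!"
    c1 = rekeyed_sector_crypt(b"passphrase", 7, payload)
    c2 = rekeyed_sector_crypt(b"passphrase", 7, payload)
    print("rekeyed per sector:", c1.hex(), "deterministic?", c1 == c2)
    print("round trip:", rekeyed_sector_crypt(b"passphrase", 7, c1) == payload)
```

Running it shows the first problem directly: without a per-request setkey(), a second read of a sector returns bytes that do not decrypt back to the data that was written, which is exactly the "different result every time you read the same block" reported above. The rekeyed variant is deterministic per sector, but it also means the crypto API is being driven as a keyed XOR per request rather than as a block cipher, which is why the mode templates built for block ciphers give no meaningful guarantee here.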