From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-pv0-f178.google.com (mail-pv0-f178.google.com [74.125.83.178]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by mail.saout.de (Postfix) with ESMTPS for ; Sat, 19 Feb 2011 20:12:08 +0100 (CET) Received: by pvg7 with SMTP id 7so175318pvg.37 for ; Sat, 19 Feb 2011 11:12:07 -0800 (PST) Message-ID: <4D601604.303@gmail.com> Date: Sat, 19 Feb 2011 12:12:04 -0700 From: Nicolas Bock MIME-Version: 1.0 References: <20110218173302.GA9234@tansi.org> <20110218200718.GA12395@tansi.org> <4D5FF3CC.6010804@gmail.com> <20110219190858.GA6981@tansi.org> In-Reply-To: <20110219190858.GA6981@tansi.org> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: Re: [dm-crypt] LUKS and LVM List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/19/11 12:08, Arno Wagner wrote: >> Why use random data to overwrite? Shouldn't /dev/zero be enough since >> the crypto should produce good randomness on disk? > > It is only marginally slower this way and there may be issues > with initialisation vectors in disk encryption. There are > no that I know of with the current cryptsetup defaults. This > is just a very cheap additional layer of protection. Ah, thanks... -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk1gFgQACgkQf15tZKyRylIGeQCdEzUOWrmcHbkHc6TmbFsrhTFI 5iAAn1kjrp+1DSHVH39h9naETPNi19Xq =Ljq9 -----END PGP SIGNATURE-----