FUD about CGD and GBDE

[Steve Tremblett]

would people mind not bcc'ing freebsd-hackers?  I've been deleting this
thread from my inbox for a couple of days because it's not filtered into
my bsd folders :)


On Thu, 2005-03-03 at 15:52 -0500, Perry E. Metzger wrote:
> "Poul-Henning Kamp" <phk at phk.freebsd.dk> writes:
> > In message <Pine.NEB.4.62.0503031436160.12890 at server.duh.org>, Todd Vierling writes:
> >>On Thu, 3 Mar 2005, Poul-Henning Kamp wrote:
> >>
> >>> At the time where I wrote GBDE, the best that was offered was CGD (and
> >>> similar) and users (not cryptographers!) didn't trust it
> >>
> >>Could you back up this claim, insofar that "users" did not trust cgd?  I
> >>haven't seen any distrust of cgd -- in fact, I've seen quite a bit of
> >>welcome acceptace of cgd by both users *and* cryptographers.
> >
> > Some of the people I talked to were very unhappy about the same key
> > being used for all sectors on the disk.
> 
> Now, was that in the first day after cgd was committed or the second?
> As I recall, you committed GBDE 48 hours after CGD was committed in
> NetBSD. I'd be curious to hear about how much you changed your design
> in that period in response to feedback on cgd. (Please correct me if
> I'm wrong about the time gap.)
> 
> However:
> 
> > Some of the people I talked to were very unhappy about the same key
> > being used for all sectors on the disk. Even a small weakness in
> > the cipher becomes a big hole because of the amount of data this
> > offers for analysis.
> 
> I think we've already established that this fear, though
> understandable, is not a reasonable one under the circumstances. See
> several postings already made. You are better off just using AES with
> a longer key than the GBDE mechanism.
> 
> Perry
> _______________________________________________
> freebsd-hackers at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe at freebsd.org"