Re: [PATCH] Delete cryptoloop

From: Pascal Brisset
Date: Thu Jul 22 2004 - 14:50:16 EST

hpa@xxxxxxxxx (H. Peter Anvin) wrote in message
> So does cryptoloop use a different IV for different blocks? The need
> for the IV to be secret is different for different ciphers, but for
> block ciphers the rule is that is must not repeat, and at least
> according to some people must not be trivially predictable. [...]

The IV is predictable in cryptoloop and in other implementations.
This causes specially crafted watermarks to be detectable through
the encryption [1]. Pretty bad, but whether this is really a
concern or not depends a lot on what you are encrypting.

-- Pascal

[1] Markku-Juhani Saarinen: Encrypted Watermarks; Security Vulnerabilities in Laptop Encryption (Security Forum Workshop 2004)

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at