Re: [PATCH encrypted swsusp 1/3] core functionality

From: Andreas Steinmetz
Date: Mon Apr 11 2005 - 08:09:21 EST


folkert@xxxxxxxxxxxxxx wrote:
>>>The following patch adds the core functionality for the encrypted
>>>suspend image.
>>
>>[Please inline patches, it makes it easier to comment on them.]

Aiyeeh - good ole Mozilla tends to reformat things when inlining...

>>You seem to reuse same key/iv for all the blocks. I'm no crypto
>>expert, but I think that is seriously wrong... You probably should use
>>block number as a IV or something like that.
>
>
> Or use a feedback loop: xor your data with the outcome of the previous
> round. And for the initial block use 0x00...00 for 'previous block'-
> value.

I'm already using cipher block chaining, look for CRYPTO_TFM_MODE_CBC in
swsusp.c. You may want to have a look at cbc_process in crypto/cipher.c.
Thus using the same key is ok. The only known drawback is a watermarking
"attack", but this can only be used to look for the existence of specially
crafted files which are not stored on disk during software suspend.

I should, however, use crypto_cipher_en/decrypt instead of
crypto_cipher_en/decrypt_iv as I actually wanted to use the iv in the
tfm I did set up with crypto_cipher_set_iv instead of the local copy.

Going to fix that.
--
Andreas Steinmetz SPAMmers use robotrap@xxxxxxxx
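As an added illustration (not code from the patch or from the kernel crypto API), a small Python model of the CBC point argued above: a throwaway Feistel cipher stands in for the real block cipher, and encrypt_pages models the two behaviours the thread contrasts, restarting every page from the same IV (a fresh local copy per call) versus letting the chaining state run on from one page into the next. Two equal pages come out identical in the first case and different in the second; the cipher, key and pages are constructed for the demo.

```python
import hashlib

BLOCK = 16  # 128-bit blocks, like the AES blocks swsusp feeds to cbc_process
KEY = b"constructed-demo-key-not-secret!"  # constructed sample key
PAGES = [b"A" * 32, b"A" * 32, b"B" * 32]  # constructed: two equal pages, one not

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key, half, i):
    return hashlib.sha256(key + bytes([i]) + half).digest()[:8]  # round function

def toy_encrypt(key, block):
    # 4-round Feistel stand-in for the real cipher; only the CBC wiring matters.
    l, r = block[:8], block[8:]
    for i in range(4):
        l, r = r, _xor(l, _f(key, r, i))
    return l + r

def toy_decrypt(key, block):
    l, r = block[:8], block[8:]
    for i in reversed(range(4)):
        l, r = _xor(r, _f(key, l, i)), l
    return l + r

def cbc_encrypt(key, iv, data):
    # C[i] = E(P[i] XOR C[i-1]), with C[-1] = iv.
    out, prev = [], iv
    for off in range(0, len(data), BLOCK):
        prev = toy_encrypt(key, _xor(data[off:off + BLOCK], prev))
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key, iv, data):
    # P[i] = D(C[i]) XOR C[i-1]; pair each block with its predecessor.
    blocks = [data[o:o + BLOCK] for o in range(0, len(data), BLOCK)]
    return b"".join(_xor(toy_decrypt(key, c), p) for c, p in zip(blocks, [iv] + blocks))

def encrypt_pages(key, pages, carry_iv):
    # carry_iv=False: every page restarts from the same all-zero IV.
    # carry_iv=True: the last ciphertext block of one page seeds the next.
    out, iv = [], bytes(BLOCK)
    for page in pages:
        ct = cbc_encrypt(key, iv, page)
        out.append(ct)
        if carry_iv:
            iv = ct[-BLOCK:]
    return out
```

With carry_iv=False an observer of the image can tell that pages 0 and 1 hold the same content without knowing the key; with the chain carried across pages that equality is hidden.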