[dm-devel] [PATCH 2/2] dm-crypt: Add TCW IV mode for old CBC TCRYPT containers.
Milan Broz
gmazyland at gmail.com
Mon Oct 28 16:58:35 UTC 2013
On 28.10.2013 17:08, Mike Snitzer wrote:
> What does TCW mean? How does it relate to CBC?
> - Is TCW mode: "CBC mode with some additional tweaks"?
Yes, as said in previous mail, it is just shortcut.
>
>> While TCRYPT CBC mode is legacy and is known to be vulnerable
>> to some watermarking attacks (e.g. revealing of hidden disk
>> existence) it can be still useful to mount old containers
>> without using 3rd party software or for independent forensic
>> analysis of such containers.
>
> Now you're switching back to referring to "TCRYPT CBC mode". What
> happened to "TCW mode"?
I am talking about implementation in general, not dmcrypt specific one.
It is still the same mode of course.
>> There is also second key used for "whitening" of sectors.
>> Whitening key is xored with sector number and mixed using
>> CRC32 and resulting value is applied to whole sector.
>> (Detailed calculation is in Truecrypt documentation for version < 4.1
>> and will be also described on dmcrypt site.)
>
> Can you add a pointer to the Truecrypt documentation for < 4.1?
I am afraid they removed all old documentation from site.
(but search google e.g. for truecrypt-3.1a-user-guide.pdf or
some similar version which use CBC mode, whitening and IV
generator is described there as well)
> Or a pointer to the dmcrypt site documentation?
Description is not yet there (once it is in kernel I will add it)
but link is referenced even from kernel Documentation
http://code.google.com/p/cryptsetup/wiki/DMCrypt
(and yes, seems that IV generators need better description there)
Thanks,
Milan
More information about the dm-devel
mailing list