[wellylug] USB stick protection
Cliff Pratt
enkidu at cliffp.com
Sun Mar 29 17:48:05 NZDT 2009
Atom Smasher wrote:
> On Sun, 29 Mar 2009, Cliff Pratt wrote:
>
>> http://mareichelt.de/pub/texts.cryptoloop.php
>>
>> Though I'm not sure that TrueCrypt == truecrypt and whether the flaws
>> are to be found in later versions of truecrypt > 4.1.
> ======================
>
> first paragraph, last sentence: "Up-to-date versions of dm-crypt (with
> LUKS) and truecrypt are also ok to use."
>
> also: "Unfortunately truecrypt [versions prior to 4.1] is just another
> broken device crypto implementation that uses good ciphers in insecure
> way. Specially crafted static bit patterns are easily detectable through
> that kind of bad crypto. Requirements: (1) used ciphers must have 128-bit
> block size and (2) file system where bit patterns are stored must have 2K
> or larger soft block size. Many popular linux file systems meet those
> requirements."
>
> the paper is about 5 years old.
>
Yes, but last modified last November.
Cheers,
Cliff
More information about the wellylug
mailing list