> > > > The following patch adds the core functionality for the encrypted > > > > suspend image. > > > [Please inline patches, it makes it easier to comment on them.] > > > You seem to reuse same key/iv for all the blocks. I'm no crypto > > > expert, but I think that is seriously wrong... You probably should use > > > block number as a IV or something like that. > > Or use a feedback loop: xor your data with the outcome of the previous > > round. And for the initial block use 0x00...00 for 'previous block'- > > value. > I'd like to retain ability to read suspend image in any order (so that > code can be reused for swap encryption, etc). In that case: encrypt the blocknumber with the key, and then use the outcome as IV for the encryption of the data. Or calculate a hash over the blocknumber and use the outcome of that as IV. Don't use the blocknumer directly. Folkert van Heusden Auto te koop, zie: http://www.vanheusden.com/daihatsu.php Op zoek naar een IT of Finance baan? Mail me voor de mogelijkheden. -------------------------------------------------------------------- UNIX admin? Then give MultiTail (http://vanheusden.com/multitail/) a try, it brings monitoring logfiles to a different level! See http://vanheusden.com/multitail/features.html for a feature-list. -------------------------------------------------------------------- Phone: +31-6-41278122, PGP-key: 1F28D8AE Get your PGP/GPG key signed at www.biglumber.com!
Attachment:
signature.asc
Description: Digital signature
- References:
- [PATCH encrypted swsusp 1/3] core functionality
- From: Andreas Steinmetz <[email protected]>
- Re: [PATCH encrypted swsusp 1/3] core functionality
- From: Pavel Machek <[email protected]>
- Re: [PATCH encrypted swsusp 1/3] core functionality
- From: [email protected]
- Re: [PATCH encrypted swsusp 1/3] core functionality
- From: Pavel Machek <[email protected]>
- [PATCH encrypted swsusp 1/3] core functionality
- Prev by Date: [rfc] git: combo-blobs
- Next by Date: Re: Problem in log_do_checkpoint()?
- Previous by thread: Re: [PATCH encrypted swsusp 1/3] core functionality
- Next by thread: Re: [PATCH encrypted swsusp 1/3] core functionality
- Index(es):