Message-Id: <m1NE61t-004yeQC@outside.256.com>
Date:	Fri, 27 Nov 2009 13:58:53 -0500 (EST)
From:	jgj7.ignorantguru@...lnull.com
To:	linux-kernel@...r.kernel.org
Subject: blowfish and cryptoloop modules question

I have a question for the maintainer of these modules or losetup but haven't been able to find an address.  I posted this to an Arch forum but no one could explain it.  

I don't need my entire hard drive encrypted so my habit is to create a small blowfish container using the cryptoloop and blowfish kernel modules.  Something like:

Code:

## Load modules
/sbin/modprobe cryptoloop
/sbin/modprobe blowfish
## Make file "secfilename"
dd if=/dev/urandom of=secfilename bs=1024k count=10
## Set file as target of loop device
losetup -e blowfish /dev/loop0 secfilename
## Make ext3 filesystem
mkfs -t ext3 /dev/loop0
## Mount filesystem
mount -t ext3 /dev/loop0 /mnt/loop
#...
## Unmount, detach, and sync
umount /dev/loop0
## Detach loop device
losetup -d /dev/loop0
sync

Here's my question:  A long time ago, when I changed from SUSE to Ubuntu, I could no longer mount the container - it said there was no valid FS on it.  So I had to recreate it.  This made me question SUSE's blowfish implementation - was it crippled, or did it have a backdoor?  Now, years later I have installed Arch, and once again my container wasn't portable.  Arch couldn't open Ubuntu's blowfish container.  I had to recreate it from scratch with the 'new' blowfish.

Will the real blowfish please stand up.

Needless to say, this makes me question the integrity of these modules.  A cryptographic algorithm, if properly implemented, should not be distro-centric.  For my purposes it's probably not critical, but what's going on?  I can mount my unencrypted ext3 partitions created by Ubuntu fine in Arch.  Why are the blowfish modules not compatible?

And if they are, then why is losetup so inconsistent between distributions?

If they aren't compatible for a legitimate reason, I think they should be, as using different implementations is the only way users can verify an implementation.

Thanks for any info.

