lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAOtvUMdJxVSFhN4QMNL+eiF6OB2LevThcgDK34M-=JDXCoDXMA@mail.gmail.com>
Date:   Fri, 30 Oct 2020 13:20:41 +0200
From:   Gilad Ben-Yossef <gilad@...yossef.com>
To:     Milan Broz <gmazyland@...il.com>
Cc:     Herbert Xu <herbert@...dor.apana.org.au>,
        "David S. Miller" <davem@...emloft.net>,
        Alasdair Kergon <agk@...hat.com>,
        Mike Snitzer <snitzer@...hat.com>,
        device-mapper development <dm-devel@...hat.com>,
        Ofir Drang <ofir.drang@....com>,
        Eric Biggers <ebiggers@...nel.org>,
        Linux Crypto Mailing List <linux-crypto@...r.kernel.org>,
        Linux kernel mailing list <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v3 1/4] crypto: add eboiv as a crypto API template

Hi,

On Fri, Oct 30, 2020 at 12:33 PM Milan Broz <gmazyland@...il.com> wrote:
>
> On 29/10/2020 11:05, Gilad Ben-Yossef wrote:
> >
> > +config CRYPTO_EBOIV
> > +     tristate "EBOIV support for block encryption"
> > +     default DM_CRYPT
> > +     select CRYPTO_CBC
> > +     help
> > +       Encrypted byte-offset initialization vector (EBOIV) is an IV
> > +       generation method that is used in some cases by dm-crypt for
> > +       supporting the BitLocker volume encryption used by Windows 8
> > +       and onwards as a backwards compatible version in lieu of XTS
> > +       support.
> > +
> > +       It uses the block encryption key as the symmetric key for a
> > +       block encryption pass applied to the sector offset of the block.
> > +       Additional details can be found at
> > +       https://www.jedec.org/sites/default/files/docs/JESD223C.pdf
>
> This page is not available. Are you sure this is the proper documentation?

You need to register at the JEDEC web site to get the PDF. The
registration is free though.

It's the only standard I am aware of that describe this mode, as
opposed to a paper.

>
> I think the only description we used (for dm-crypt) was original Ferguson's Bitlocker doc:
> https://download.microsoft.com/download/0/2/3/0238acaf-d3bf-4a6d-b3d6-0a0be4bbb36e/bitlockercipher200608.pdf


Yes, the JEDEC has a reference to that as well, but the white paper
doesn't actually describe the option without the diffuser.

>
> IIRC EBOIV was a shortcut I added to dm-crypt because we found no official terminology for this IV.
> And after lunchtime, nobody invented anything better, so it stayed as it is now :-)

Well, I still don't have any better name to offer, LOL :-)

Gilad



-- 
Gilad Ben-Yossef
Chief Coffee Drinker

values of β will give rise to dom!

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ