On Tue, 2010-07-27 at 17:45 +0200, Mario 'BitKoenig' Holbe wrote:
> This depends on your attack model and whether you believe in forensic
> magic. If your attacker cannot snapshot your encrypted data, the size of
> your encrypted disk equals the amount of encrypted data an attacker can
> get. If your attacker can snapshot your encrypted data, you are right.

I usually always expect the worst case,... i.e. that my attackers can make
snapshots... ;) *paranoid*

> Note, that if your attack model doesn't allow your attacker to snapshot
> your encrypted data, you are pretty safe with CBC-ESSIV anyways.

Well I'm rather concerned about XTS (which I use anyway at the moment)...
especially given that there are AFAIU at least two issues which are not
solved by plain64 IV generation...
- The one that you continuously write data and an attacker possibly
  snapshots it...
- The other thing mentioned here by Milan with the 1TB... Or was that the
  same?

> You always have to understand
> what's your goals and what you do.

Well I guess that's impossible for most end users,... (and all people who
wiped ;) their cryptography lectures knowledge)... especially when it comes
to the math behind all that...

Therefore I think we need good FAQ/documentation which also teaches the "end
user" what to do in order to get "best possible" security...

Cheers,
Chris.