From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <arno@wagner.name>
Received: from v1.tansi.org (mail.tansi.org [84.19.178.47])
 by mail.server123.net (Postfix) with ESMTP
 for <dm-crypt@saout.de>; Thu, 14 Nov 2019 00:16:28 +0100 (CET)
Received: from gatewagner.dyndns.org (81-6-44-245.init7.net [81.6.44.245])
 by v1.tansi.org (Postfix) with ESMTPA id DF0C11401E7
 for <dm-crypt@saout.de>; Thu, 14 Nov 2019 00:16:18 +0100 (CET)
Date: Thu, 14 Nov 2019 00:16:26 +0100
From: Arno Wagner <arno@wagner.name>
Message-ID: <20191113231626.GA10948@tansi.org>
References: <14224469d70c38f8c34baf4e2f750d4089993ab6@webmail>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
In-Reply-To: <14224469d70c38f8c34baf4e2f750d4089993ab6@webmail>
Subject: Re: [dm-crypt] Two questions
List-Id: <dm-crypt.saout.de>
List-Unsubscribe: <https://www.saout.de/mailman/options/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=unsubscribe>
List-Archive: <https://www.saout.de/pipermail/dm-crypt/>
List-Post: <mailto:dm-crypt@saout.de>
List-Help: <mailto:dm-crypt-request@saout.de?subject=help>
List-Subscribe: <https://www.saout.de/mailman/listinfo/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=subscribe>
To: dm-crypt@saout.de

On Wed, Nov 13, 2019 at 19:42:55 CET, mgreger@cinci.rr.com wrote:
>    From Michael Kj=F6rling:
>=20
>    > Yes; it implies that the two volumes are encrypted using the same
>    master key (as well as being accessible using the same set of
>    passphrases), _and_ it makes it obvious that this is the case.
>=20
>    (Assume any detached header is absent)
>=20
>    Obvious by inspecting the raw encrypted drives? My concern is salt/iv
>    reuse for same sector #'s on multiple drives leading to information
>    leakage.
>=20
>    For example let's say two encrypted drives were mirrored. Using the
>    same master key would make it obvious they are mirrored, but no
>    additional information is leaked (other than that they are in fact
>    copies of each other). But more complex scenarios exist: RAID, LVM2
>    headers, etc. Those other scenarios are the ones I am curious about.

You may also have sectors in filesystems that are generally the same=20
and that would be obvious.=20

The simple answer is: If you care, then do not do this. Otherwise
you do not care and it is not a problem. No amount of analysis will
make this go away.

Regards,
Arno

--=20
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno@wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato

If it's in the news, don't worry about it.  The very definition of=20
"news" is "something that hardly ever happens." -- Bruce Schneier