From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <uwe.menges@web.de>
Received: from fmmailgate01.web.de (fmmailgate01.web.de [217.72.192.221])
	by mail.saout.de (Postfix) with ESMTP
	for <dm-crypt@saout.de>; Sun, 15 Aug 2010 19:26:50 +0200 (CEST)
Received: from smtp03.web.de  ( [172.20.0.65])
	by fmmailgate01.web.de (Postfix) with ESMTP id 1FD8816632219
	for <dm-crypt@saout.de>; Sun, 15 Aug 2010 19:26:45 +0200 (CEST)
Received: from [78.42.233.220] (helo=lima.uwe.midimaze.de)
	by smtp03.web.de with esmtp (WEB.DE 4.110 #24) id 1Okgyr-0000vU-00
	for dm-crypt@saout.de; Sun, 15 Aug 2010 19:26:45 +0200
Message-ID: <4C682354.50907@web.de>
Date: Sun, 15 Aug 2010 19:26:44 +0200
From: Uwe Menges <uwe.menges@web.de>
MIME-Version: 1.0
References: <20100726210741.GC24052@tansi.org>	<1280180557.3266.136.camel@fermat.scientia.net>
	<slrni4s7ac.lr8.Mario.Holbe@darkside.dyn.samba-tng.org>
In-Reply-To: <slrni4s7ac.lr8.Mario.Holbe@darkside.dyn.samba-tng.org>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Sender: uwe.menges@web.de
Subject: Re: [dm-crypt] Efficacy of xts over 1TB
List-Id: <dm-crypt.saout.de>
List-Unsubscribe: <http://www.saout.de/mailman/options/dm-crypt>,
	<mailto:dm-crypt-request@saout.de?subject=unsubscribe>
List-Archive: <http://www.saout.de/pipermail/dm-crypt>
List-Post: <mailto:dm-crypt@saout.de>
List-Help: <mailto:dm-crypt-request@saout.de?subject=help>
List-Subscribe: <http://www.saout.de/mailman/listinfo/dm-crypt>,
	<mailto:dm-crypt-request@saout.de?subject=subscribe>
To: dm-crypt@saout.de

On 07/27/2010 01:42 AM, Mario 'BitKoenig' Holbe wrote:
> Of course, your attacker has to be able to capture a snapshot after the
> first fill-up ... probably via some forensic magic - people who believe
> in encryption often tend to also still believe in Peter Gutmann :)

No forensic magic is needed if you are eg. using a LUKS crypted iSCSI
volume and the attacker is able to mirror you network traffic.

Cheers, Uwe