Re: Necessity for device overwriting?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



> > Can an attacker discern the size of individual files if the device has not

> > been overwritten first?
> 
> It´s a practical approach to give you a better understanding. Try less -f 
> /dev/sdX on the device you are going to encrypt. A blank block device is filled 
> with zeros or continually the same single character. Issuing shred /dev/sdX 
> shows strong resemblance to what loop-aes encryption leaves behind.
> In case only a first fraction of a block device is filled with such random 
> (looking) data one might suggest you to reveal keys/passes to uncover the real 
> nature of this information. In case you find a method of storing data using just 
> one character please inform me as soon as possible ;-)

Ok so you're saying it is about plausible deniability concerning the likelihood of there being encrypted data there, not about trying to uncover anything actually usable about the encrypted plaintext.   


      

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



[Index of Archives]     [Kernel]     [Linux Crypto]     [Gnu Crypto]     [Gnu Classpath]     [Netfilter]     [Bugtraq]