On 2016-01-08 09:49, Christoph Anton Mitterer wrote:
On Fri, 2016-01-08 at 09:40 -0500, Austin S. Hemmelgarn wrote:
That said, if you're using forced compression
on
the source FS, that may weaken things a bit.
The compression oracle it typically only then a problem, when the
attacker can control the encrypted data.
So that would depend mostly on his content...
But better safe than sorry... compression should usually be avoided
with crypto.
Oh, definitely. And that goes double for cases where the compression
algorithm is known in advance by the attacker (because if you pay
attention, a lot of compression algorithms produce certain patterns,
which makes breaking things a lot easier, even if you don't control part
of the plaintext).
--
To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
