Revision as of 16:35, 27 December 2006 edit Intgr (talk \| contribs) Autopatrolled, Extended confirmed users, New page reviewers, Pending changes reviewers 32,266 edits →Features: column annotations ← Previous edit		Revision as of 16:53, 27 December 2006 edit undo Intgr (talk \| contribs) Autopatrolled, Extended confirmed users, New page reviewers, Pending changes reviewers 32,266 edits →Modes of operation: Column annotations Next edit →
Line 272: == Modes of operation == {{details\|Disk encryption theory}} !* '''Plain CBC~~<ref>"Plain~~''': The CBC" ~~means~~(cipher ~~that~~block ~~the~~chaining) ~~CBC~~mode where [[initialization vector]]s are statically derived from the sector number and and not secret; ~~that~~this ~~is,~~means ~~they~~that IVs are re-used when overwriting a sector and the vectors can easily be guessed by an attacker.~~</ref>~~▼ * '''CBC with ESSIV''': The CBC mode where initialization vectors are statically derived from the encryption key and sector number with a [[cryptographic hash function]]. The IVs are secret, but they are nevertheless re-used with overwrites. * '''LRW''': The Liskov-Rivest-Wagner tweakable narrow-block mode, a mode of operation specifically designed for disk encryption. * '''Random per-sector keys''': The CBC mode where random keys are generated for each sector when it is written to, thus does not exhibit the typical weaknesses of CBC with re-used initialization vectors. The individual sector keys are stored on disk and encrypted with a master key. {\| class="wikitable" style="width: 100%; text-align: center; font-size: smaller; table-layout: fixed;" \|- ! Name ! Plain CBC ▲! Plain CBC<ref>"Plain CBC" means that the CBC [[initialization vector]]s are statically derived from the sector number and and not secret; that is, they are re-used when overwriting a sector and can easily be guessed by an attacker.</ref> ! CBC with ESSIV ! LRW

Comparison of disk encryption software: Difference between revisions