Subject: Re: FUD about CGD and GBDE
To: Roland Dowdeswell <>
From: Poul-Henning Kamp <>
List: tech-security
Date: 03/04/2005 00:18:40
In message <>, Roland Dowdeswell writes:

>Now, the key--key sector protects 32 disk
>sectors which contain 32 * 512 * 8 = 131072 bits.

The key-key protects only a single sector-key, however, the actual
sectorsize may be bigger than 512 and I recommend that people use
the FFS fragment size (typically 2k) if possible.

I have not taken the time to figure out how many of the 2^2048
possible sector contents are actually valid superblocks but it would
actually be an interesting number to know in this discussion, just
like the fraction of valid inode blocks and directory blocks would
be interesting to know.

My guess is that the super block probability is about 1E-9, inode
block around 1E-8 and directory around 1E-9, but these are pure
guesses and likely off by many orders of magnitude.

The bsd disklabel is not relevant in normal usage, people tend to
encrypt each filesystem individually as far as I have heard.

But Roland,

These continued false starts because you didn't take the time to
really understand what goes on in GBDE are a waste of both your and
my time and don't add to your reputation in any way.

I am old enough to actually appreciate a competently done review
because that is one of the best ways for me to improve my skills,
so even if your review ends up tearing GBDE apart at the seams,
you can trust me to appreciate that you did it.

And I am convinced you can give me a competent review if you give
it a fair shot, but right now you seem hell-bent on acing me rather
than doing your homework properly.

Please sit down and take the time it must take and then come back
with a professionally done review.  If there are things you are
unclear about, send me email and I'll do my best to explain them.

Thanks in advance,


Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.