Subject: Re: FUD about CGD and GBDE
To: Perry E. Metzger <>
From: Poul-Henning Kamp <>
List: tech-security
Date: 03/04/2005 07:17:28
In message <>, "Perry E. Metzger" writes:

>I also very strongly suggest that the biggest real threat you face
>isn't someone cracking AES but key management issues. CGD is in some
>sense largely a framework for letting you do all sorts of neat things
>with key management in a disk encryption context. You may want to add
>similar features -- the most practical attack against your system as
>it stands is a dictionary attack.

This is where it would have been nice that you didn't jump into
the middle of a discussion without reading the basic material.

See my paper please.

Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.