In message <877jkogrr4.fsf@snark.piermont.com>, "Perry E. Metzger" writes:

>I also very strongly suggest that the biggest real threat you face
>isn't someone cracking AES but key management issues. CGD is in some
>sense largely a framework for letting you do all sorts of neat things
>with key management in a disk encryption context. You may want to add
>similar features -- the most practical attack against your system as
>it stands is a dictionary attack.

This is where it would have been nice that you didn't jump into
the middle of a discussion without reading the basic material.

See my paper please.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.