A weak cryptoloop implementation in Linux?
Posted Jan 30, 2004 20:57 UTC (Fri) by jmason
Parent article: A weak cryptoloop implementation in Linux?
Surely lack of salting is a really basic issue? I'm surprised it took so long for someone to notice this, to be honest.
A good implementation, actually, would be to reserve a few bytes at the start of every block for a per-block salt value; along with a per-volume salt, that should cause quite a bit of difficulty for prospective attackers. ;)
But I definitely would agree with other posters, and not call this issue a "back door".
to post comments)