A weak cryptoloop implementation in Linux?

Posted Mar 23, 2004 2:53 UTC (Tue) by sproket (guest, #20386)
Parent article: A weak cryptoloop implementation in Linux?

This is just silly. Cryptoloop is not broken if you use it right, and there's no good reason to change the way it works. Especially now that the hashing has rightfully been pulled out of the kernel layer. All you have to do is copy a few bytes of random data into a file as a salt. Save it in clear form to your disk. Then when you want to setup encrypted swap, hash your salt file with your password and pipe that to losetup as your key. Voila!
It would be terribly stupid to try and store the salt on the block device you were encrypting, it would either force you to overwrite block data, or shift it.