Thread Links			Date Links
Thread Prev	Thread Next	Thread Index	Date Prev	Date Next	Date Index

RE: wrong key behaviour

To: "SISWG" <stds-p1619@xxxxxxxx>
Subject: RE: wrong key behaviour
From: "Colin Sinclair" <colin@xxxxxxxxxxxxxx>
Date: Wed, 21 Dec 2005 17:04:28 -0000
Importance: Normal
In-Reply-To: <20051220121309.2085768de8214198020ddb7e86a9ac22.a31f56a6c5.wbe@email.email.secureserver.net>
Reply-To: <colin@xxxxxxxxxxxxxx>
Sender: stds-p1619@xxxxxxxx

> the drive must not return any data if the wrong key is given.

Not being funny, but how does the drive know if the key it is given is wrong? Either

(a) it keeps a copy of the key internally (easy to hack), or

(b) it encrypts a special string and keeps that internally (in flash or on media), or

(c) it must add a crpytographically safe integrity field computed over the plaintext on each sector
to tell if it has been decrypted correctly. This is just like adding authentication, and will add
overhead. It's probably not possible to rely on CRC because that isn't always there (vendor specific
additional sector information).

I presume the only sensible method is (b)?

Colin.

References:
- RE: the extra 8 bytes....
  - From: laszlo

Prev by Date: RE: p1619 (disk): ciphertext-stealing, tweak-mapping, other
Next by Date: Re: p1619 (disk): ciphertext-stealing, tweak-mapping, other
Prev by thread: RE: the extra 8 bytes....
Next by thread: RE: LBA to I mapping
Index(es):
- Date
- Thread