Ticket #143 (closed defect: fixed)
ISSAC or ISSAC+
| Reported by: | Overwriter | Owned by: | Garrett |
|---|---|---|---|
| Priority: | minor | Milestone: | Eraser 6.0 |
| Component: | Core | Version: | 6.0.3.847 |
| Keywords: | ISAAC attack | Cc: | |
| Processor Architecture: | Blocked By: | ||
| Blocking: | Operating System: |
Description (last modified by Joel) (diff)
ISSAC or ISSAC+
I just wondered which version of ISSAC was installed in Eraser V6.
ISSAC has this problem.
http://eprint.iacr.org/2001/049.pdf
I appreciate this will have little effect on the secure overwriting abilities of Eraser but it might have consequences for the Truecrypt plausible deniability feature !
Possibly one for Svante this ! :o)
Blocking
| Id | Summary | Milestone |
|---|---|---|
| #143 | └ ISSAC or ISSAC+ | Eraser 6.0 |
Blocked by
| Id | Summary | Milestone |
|---|---|---|
| #143 | └ ISSAC or ISSAC+ | Eraser 6.0 |
Change History
comment:1 Changed 3 years ago by Joel
- Status changed from new to assigned
- Description modified (diff)
- Keywords ISAAC attack added
- Version set to 6.0.3.847
- Milestone set to Eraser 6.0
- Owner set to Garrett
comment:2 Changed 3 years ago by Garrett
- Status changed from assigned to closed
- Resolution set to fixed
Having a totally random generator will actually make it easier for a forensic analysis to detect erasure has occured. "Plausible deniability" would be better served by overwriting with bits of existing files.
Note: See
TracTickets for help on using
tickets.
Actually the paper you submitted refers to the use of ISAAC as a stream cipher. We do not use the stream cipher capability of ISAAC but instead just that PRNG bit which I think is not affected by the paper.
It's a lot of maths that I don't wanna tire myself with (the number of equations and propositions there are really too many for me to handle) so my judgement is that Eraser is safe, but I'd still ask Garrett or Svante to look at it. If they got time, haha.