Ticket #143 (closed defect: fixed)

Opened 14 months ago

Last modified 11 months ago

ISSAC or ISSAC+

Reported by: Overwriter Owned by: Garrett
Priority: minor Milestone: Eraser 6.0
Component: Core Version: 6.0.3.847
Keywords: ISAAC attack Cc:
Blocked By: Blocking:
Operating System: Processor Architecture:

Description (last modified by Joel) (diff)

ISSAC or ISSAC+

I just wondered which version of ISSAC was installed in Eraser V6.

ISSAC has this problem.

 http://eprint.iacr.org/2001/049.pdf

I appreciate this will have little effect on the secure overwriting abilities of Eraser but it might have consequences for the Truecrypt plausible deniability feature !

Possibly one for Svante this ! :o)

Blocking

IdSummaryMilestone
#143ISSAC or ISSAC+Eraser 6.0

Blocked by

IdSummaryMilestone
#143ISSAC or ISSAC+Eraser 6.0

Change History

Changed 14 months ago by Joel

  • status changed from new to assigned
  • description modified (diff)
  • owner set to Garrett
  • version set to 6.0.3.847
  • milestone set to Eraser 6.0
  • keywords ISAAC attack added

Actually the paper you submitted refers to the use of ISAAC as a stream cipher. We do not use the stream cipher capability of ISAAC but instead just that PRNG bit which I think is not affected by the paper.

It's a lot of maths that I don't wanna tire myself with (the number of equations and propositions there are really too many for me to handle) so my judgement is that Eraser is safe, but I'd still ask Garrett or Svante to look at it. If they got time, haha.

Changed 11 months ago by Garrett

  • status changed from assigned to closed
  • resolution set to fixed

Having a totally random generator will actually make it easier for a forensic analysis to detect erasure has occured. "Plausible deniability" would be better served by overwriting with bits of existing files.

Note: See TracTickets for help on using tickets.