Subject: Re: CBC and LRW?
To: Johan Wallén <johan.wallen+lists@tkk.fi>
From: Steven M. Bellovin <smb@cs.columbia.edu>
List: tech-security
Date: 07/26/2006 15:49:27
On Wed, 26 Jul 2006 22:42:36 +0300, johan.wallen+lists@tkk.fi (Johan
Wallén) wrote:

> johan.wallen+lists@tkk.fi (Johan Wallén) writes:
>
> >> IV Methods
> >>   Currently, the only IV Method supported is encblkno (Encrypted Block
> >>   Number).  This method encrypts the block number of the physical disk
> >>   block with the cipher and key provided and uses that as the IV for CBC
> >>   mode.  This method should ensure that each block has a different IV
> >>   and that the IV is reasonably unpredictable.
> >
> > The basic idea does sound good.  But what is a block number in this
> > context?  Logical/physical block number on the disk/filesystem?  What
> > IV is used when a block is modified?
>
> Apparently, I cannot read, so let me rephrase my question.  When
> encrypting a block on a disk, the block number and the key are used to
> derive the IV.  When the block is modified and encrypted again, is the
> same block number and the same key used to derive the IV?  If not, how
> are the IVs actually derived?
>
I believe it's the same IV; anything else either requires an extra pass or
extra space.

		--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
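
Added example, not part of the original message or of any implementation it discusses: a sketch of the encblkno scheme quoted above, showing what reusing the same IV on a rewrite implies under CBC (ciphertext blocks ahead of the first changed plaintext block stay identical). The block cipher is a stdlib-only Feistel stand-in rather than a real cipher, and the function names, key, block-number encoding and sector contents are assumptions made for the illustration.

```python
import hashlib
import hmac

BLOCK = 16  # cipher block size in bytes


def toy_encrypt_block(key: bytes, block: bytes) -> bytes:
    """Stand-in 128-bit block cipher: 4-round Feistel over HMAC-SHA256.
    Not AES and not for real use; it keeps the example stdlib-only."""
    left, right = block[:8], block[8:]
    for rnd in range(4):
        f = hmac.new(key, bytes([rnd]) + right, hashlib.sha256).digest()[:8]
        left, right = right, bytes(a ^ b for a, b in zip(left, f))
    return left + right


def encblkno_iv(key: bytes, blkno: int) -> bytes:
    """IV = E_k(block number). Little-endian encoding is an assumption."""
    return toy_encrypt_block(key, blkno.to_bytes(BLOCK, "little"))


def encrypt_sector(key: bytes, blkno: int, plaintext: bytes) -> bytes:
    """CBC-encrypt one disk block using the encblkno-derived IV."""
    assert len(plaintext) % BLOCK == 0
    prev, out = encblkno_iv(key, blkno), bytearray()
    for i in range(0, len(plaintext), BLOCK):
        x = bytes(a ^ b for a, b in zip(plaintext[i:i + BLOCK], prev))
        prev = toy_encrypt_block(key, x)
        out += prev
    return bytes(out)


def unchanged_prefix_blocks(c1: bytes, c2: bytes) -> int:
    """Count leading cipher blocks that are identical in both ciphertexts."""
    n = 0
    while (n * BLOCK < min(len(c1), len(c2))
           and c1[n * BLOCK:(n + 1) * BLOCK] == c2[n * BLOCK:(n + 1) * BLOCK]):
        n += 1
    return n


# Constructed sample data: one 512-byte disk block, rewritten with one byte changed.
KEY = b"constructed-demo-key"
old = bytes(512)
new = bytearray(old)
new[5 * BLOCK] = 0xFF  # the change lands in cipher block 5
c_old = encrypt_sector(KEY, 7, old)
c_new = encrypt_sector(KEY, 7, bytes(new))
print(unchanged_prefix_blocks(c_old, c_new))
```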