Next Previous Contents

7. Glossary

This is only a very minimal glossary, which contains only two acronyms used, but not detailed in the text. The descriptions are based on the corresponding entries of the glossary that comes with the FreeS/WAN 1.3 distribution.

CBC

Cipher Block Chaining mode, a method of using a block cipher in which for each block except the first, the result of the previous encryption is XORed into the new block before it is encrypted. CBC is the mode used in IPSEC and the current Crypto-API ciphers.

An initialisation vector (IV) must be provided. It is XORed into the first block before encryption. The IV need not be secret but should be different for each message and unpredictable.

For loop device encryption, the IV is taken to be the physical block numbers of the file which contains the crypted filesystem.

ECB

Electronic CodeBook mode, the simplest way to use a block cipher. Each block is encrypted independently.

The loop device crypto drivers that do not use the Crypto-API use their respective ciphers in ECB mode.

ECB mode is less secure than CBC mode.


Next Previous Contents