Talk:CrossCrypt

	This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.ComputingWikipedia:WikiProject ComputingTemplate:WikiProject ComputingComputing articles
???	This article has not yet received a rating on the project's importance scale.
	This article is supported by WikiProject Software.

Cryptography: Computer science Low‑importance

	This article is within the scope of WikiProject Cryptography, a collaborative effort to improve the coverage of Cryptography on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.CryptographyWikipedia:WikiProject CryptographyTemplate:WikiProject CryptographyCryptography articles
Low	This article has been rated as Low-importance on the importance scale.
	This article is supported by WikiProject Computer science (assessed as Low-importance).

Compatibility with loop-AES and Twofish loopback encryption

It seems to me that the original author has been misled into believing that CrossCrypt containers are always implicitly compatible with loop-AES, and thus suffer from severe flaws. However, their web page merely states that "SingleKey Mode aes-loop compatible" which sounds like while it does provide legacy support for loop-AES, it has to be explicitly enabled. I'll {{dubious}} these statements for now. -- intgr 12:18, 12 December 2006 (UTC)[reply]

Never mind, the web site documents "multikey support" on its TODO list as full loop-AES compatibility. -- intgr 15:05, 19 December 2006 (UTC)[reply]

Biased comparison

The

pov}}. Note that "CBC" may also mean CBC with ESSIV, which does not share the vulnerabilities of plain CBC. I can't find any sources about which mode CrossCrypt really uses. -- intgr 12:24, 12 December 2006 (UTC)[reply

]

I second that. I'd wote for removing the whole section. If those two storage encryptions where the only ones, or just the most used, there'd be a point in having a section devoted to a comparision of them. But with the vast number of different implementations, I'd rather have an article comparing all of them. How to do such an article is a bit tricky. We could compare the different pieces of software, but we could also compare the different formats, or different modes. (Formats and modes are kind of orthogonal, one format can have a header field allowing different modes, and two different formats could use the same mode). A comparision of implementations could mention which formats they support, but even that would not be sufficient, as it might not implement all features supported by the format.

Since the article says CrossCrypt is compatible with loop-AES, I think it is true that predictable IVs are used. Calling this mode CBC is not completely correct, as CBC means the IV is chosen randomly. The claims about plausible deniability of TrueCrypt might be exaggerating, but I believe it is a bit better than CrossCrypt in this respect. Kasperd 06:48, 19 December 2006 (UTC)[reply]

I'll remove the section.

I've, too, been thinking of writing a "comparison of" article on the topic. Will probably do it sooner or later, if someone else doesn't beat me to it. -- intgr 14:58, 19 December 2006 (UTC)[reply]