From: Sebastian Wiesner
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] loop-aes + extra-ciphers...
Date: Wed, 25 Jun 2008 23:24:37 +0200
References: <4861AB64.9000709@comcast.net> <200806252051.41624.basti.wiesner@gmx.net> <4862A9AE.1030909@comcast.net>
In-Reply-To: <4862A9AE.1030909@comcast.net>
Message-Id: <200806252324.46971.basti.wiesner@gmx.net>

Chris Walters at Wednesday 25 June 2008, 22:25:18
> Are you a cryptology expert?

Are you then?

> The only thing that cryptography attempts to do is reduce the
> **probability** of cracking the key and gaining access to the data as low
> as possible.

No news. That's why cryptology defines "security" not as "being impossible
to crack", but as "being sufficiently improbable to crack". The only
cipher that can't be "brute-forced" is the OTP, which is considered
"perfectly secure".

> As for brute forcing a passphrase: Since most implementations of AES
> (Rijndael) use a hash of the passphrase to form the key, it amounts to
> the same thing, in practice, as cracking the key.

First of all, you can perform hard disk encryption _without_ a passphrase.
You can store keyfiles on smart cards, USB sticks, etc. In this case, you
can generate a _truly random_ key.
Using a passphrase is the most insecure approach, but still, with a
sufficiently random passphrase, you can gain a level of security that even
the NSA will find difficult to come around.

The randomness of a 30-char passphrase does of course by far not match the
randomness of a 256-bit key, so there is a real chance that it can be
guessed by brute force. Still, it will take much CPU time, which is not
endless, even to the NSA.
In such a case, the question is if the data you ciphered is really worth
the effort of putting a supercomputer to work for a long time to try any
possible passphrase.

> Cryptology is, at least partly about finding the weakest link, because
> that is what is likely to be attacked in any cryptosystem.

Of course, absolutely true. Hard disk encryption is by far not perfect;
just look at the cold boot attacks that gained public interest recently.
But you didn't talk of _cryptosystems_ in your previous posts, you did
talk about _algorithms_.

Summarizing, the modern ciphers themselves are secure, as there is mostly
no way to crack them save a brute-force attack on the key. On the other
hand, cryptosystems built around these algorithms can of course contain
weaknesses and holes, like weak passphrases, insecure key storage, etc.

> The US Government only keeps classified information on non-networked
> computers in secure environments, so the cipher used does not matter as
> much as the other security measures taken to ensure that the data does
> not fall into the wrong hands.

Maybe. I do not know which restrictions apply to US classified data; I
only know about official statements the US government made towards the
security of AES.

> A final thought: It is a fact that both the US Navy and the NSA are
> *very* interested in cryptology and data security. The NSA also does
> have large networks of supercomputers that, using parallel, distributed
> or concurrent computing principles can crack keys more quickly than you
> may think.

You can use simple mathematics to find out that even the largest
supercomputers, having one petaflop, need millions of years to perform an
exhaustive search through the AES key space.
Anyway, you may believe what you want to believe; I'm just reflecting what
real experts like Bruce Schneier have been telling for years: it's wrong
to trust in simple ciphers, but it's equally wrong to believe that
anything can be broken.

my 2 cents

-- 
Freedom is always the freedom of dissenters. (Rosa Luxemburg)

-- 
gentoo-user@lists.gentoo.org mailing list
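The "simple mathematics" behind the two points argued in the thread (a passphrase-derived key is only as strong as the passphrase, and an exhaustive search of the AES key space is out of reach at any plausible guess rate) can be written down as a short script. The following is an added example and not code from the thread or from loop-aes; it assumes a 95-symbol printable-ASCII alphabet for the "30-char passphrase", treats "one petaflop" as 10^15 key trials per second (an optimistic stand-in, since one AES trial costs far more than one floating-point operation), and uses PBKDF2-HMAC-SHA256 as a concrete instance of "a hash of the passphrase", which the thread does not specify.

```python
"""Passphrase entropy vs. raw key entropy, and what an exhaustive search costs.

Added example for the loop-aes thread; assumptions are labelled inline.
"""
import hashlib
import math
import os

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def passphrase_entropy_bits(length: int, alphabet_size: int) -> float:
    """Entropy of a passphrase chosen uniformly from `alphabet_size` symbols.

    Human-chosen passphrases carry less; this is the upper bound.
    """
    return length * math.log2(alphabet_size)


def expected_search_years(entropy_bits: float, guesses_per_second: float) -> float:
    """Expected time of an exhaustive search: on average half the space is tried."""
    expected_guesses = 2.0 ** (entropy_bits - 1)
    return expected_guesses / guesses_per_second / SECONDS_PER_YEAR


def guesses_per_second_with_kdf(raw_hashes_per_second: float, iterations: int) -> float:
    """A KDF with `iterations` rounds divides the attacker's guess rate by that factor.

    It does not add entropy; it only makes each guess more expensive.
    """
    return raw_hashes_per_second / iterations


def derive_key_from_passphrase(passphrase: bytes, salt: bytes, iterations: int = 200_000) -> bytes:
    """Derive a 256-bit key from a passphrase (PBKDF2-HMAC-SHA256, chosen here as an assumption).

    The output is always 32 bytes, but its strength is min(passphrase entropy, 256 bits).
    """
    return hashlib.pbkdf2_hmac("sha256", passphrase, salt, iterations, dklen=32)


def random_keyfile_key() -> bytes:
    """A 256-bit key from the OS CSPRNG, the 'keyfile on a smart card / USB stick' case."""
    return os.urandom(32)


def effective_key_bits(passphrase_bits: float, key_bits: int = 256) -> float:
    """Effective strength of a key derived from a passphrase."""
    return min(passphrase_bits, key_bits)


def compare(length: int = 30, alphabet_size: int = 95,
            trials_per_second: float = 1e15, kdf_iterations: int = 200_000) -> dict:
    """Side-by-side numbers for the thread's scenario (all inputs are assumptions)."""
    pp_bits = passphrase_entropy_bits(length, alphabet_size)
    return {
        "passphrase_bits": pp_bits,
        "effective_key_bits": effective_key_bits(pp_bits),
        "years_aes256_raw_key": expected_search_years(256, trials_per_second),
        "years_passphrase_no_kdf": expected_search_years(pp_bits, trials_per_second),
        "years_passphrase_with_kdf": expected_search_years(
            pp_bits, guesses_per_second_with_kdf(trials_per_second, kdf_iterations)),
    }


if __name__ == "__main__":
    for name, value in compare().items():
        print(f"{name:28s} {value:.3g}")
    # A short, lowercase-only passphrase is the realistic weak link the thread warns about.
    print("8 lowercase chars, 1e9 guesses/s, no KDF: "
          f"{expected_search_years(passphrase_entropy_bits(8, 26), 1e9) * SECONDS_PER_YEAR:.3g} s")
    salt = os.urandom(16)  # constructed; stored alongside the ciphertext in practice
    k1 = derive_key_from_passphrase(b"correct horse battery staple", salt)
    k2 = random_keyfile_key()
    print("derived key bytes:", len(k1), "keyfile key bytes:", len(k2))
```

Running it shows the asymmetry the reply describes: the raw 256-bit key space needs on the order of 10^54 years even at 10^15 trials per second, the 30-character printable passphrase sits near 197 bits and is still far beyond reach, but an 8-character lowercase passphrase falls in under two minutes at a modest 10^9 guesses per second. The KDF iteration count buys a constant factor of per-guess cost, which is why it matters for short passphrases and is irrelevant for a keyfile holding a truly random key.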