[gentoo-user] Password questions, looking for opinions. cryptsetup question too.

[gentoo-user] Password questions, looking for opinions. cryptsetup question too.

[Dale]

[-- Attachment #1: Type: text/plain, Size: 2904 bytes --]

Howdy,

As some know, I encrypt a lot of stuff here.  I use passwords that I can
recall but no one could ever guess.  I don't use things that someone may
figure out like pet's name or anything like that.  I use a couple sites
to see just how good my passwords are.  I try to get into the millions
of years at least.  I have a couple that it claims is in the trillions
of years to crack.  I've read some things not to use like pet names and
such.  I've also read that one should use upper and lower case letters,
symbols and such and I do that, especially on my stuff I never want to
be cracked.  Some stuff, when I'm dead, it's gone.

In the real world tho, how do people reading this make passwords that no
one could ever guess?  I use Bitwarden to handle website passwords and
it does a good job.  I make up my own tho when encrypting drives.  I'm
not sure I can really use Bitwarden for that given it is a command line
thing, well, in a script in my case.  I doubt anyone would ever guess
any of my passwords but how do people reading this do theirs?  Just how
far do you really go to make it secure?  Obviously you shouldn't give up
much detail but just some general ideas.  Maybe even a example or two of
a fake password, just something that you would come up with and how. 

This is the two sites I use. 


https://www.passwordmonster.com/

https://www.security.org/how-secure-is-my-password/


I have a password in the first one that shows this:


It would take a computer about 63 thousand years to crack your password


Second one says this.

It would take a computer about 5 million years to crack your password

Exact same password in both.  Why such a large range to crack?  I tend
to use the first site to create a password.  Then I test it in the
second site to sort of confirm it.  If both say a long time, then I got
a fairly good one depending on what I'm protecting.  Still, why such a
difference?  One reason I use the first site, I can make it show the
password.  The second site doesn't do that so editing it to improve
things is harder since you can't see it.  The first site makes that easy
and gives me a idea of whether I'm on the right track.  Second site
confirms it.  I did contact the second site and ask for a button to show
the password.  After all, no one is here but me.  My windows are covered. 

Also, I use  cryptsetup luksFormat -s 512 ... to encrypt things.  Is
that 512 a good number?  Can it be something different?  I'd think since
it is needed as a option, it can have different values and encrypt
stronger or weaker.  Is that the case?  I've tried to find out but it
seems everyone uses 512.  If that is the only value, why make it a
option?  I figure it can have other values but how does that work? 
Heck, a link to some good info on that would be good.  :-)

Thoughts?  Opinions?  Suggestions? 

Dale

:-)  :-) 


[-- Attachment #2: Type: text/html, Size: 3958 bytes --]

Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.

[Michael]

[-- Attachment #1: Type: text/plain, Size: 4830 bytes --]

On Tuesday, 19 September 2023 06:36:13 BST Dale wrote:
> Howdy,
> 
> As some know, I encrypt a lot of stuff here.  I use passwords that I can
> recall but no one could ever guess.  I don't use things that someone may
> figure out like pet's name or anything like that.  I use a couple sites
> to see just how good my passwords are.  I try to get into the millions
> of years at least.  I have a couple that it claims is in the trillions
> of years to crack.  I've read some things not to use like pet names and
> such.  I've also read that one should use upper and lower case letters,
> symbols and such and I do that, especially on my stuff I never want to
> be cracked.  Some stuff, when I'm dead, it's gone.

As/when quantum computers development progresses, many/some passwords and 
hashes will be cracked/brute forced (RSA encryption springs to mind).  It is 
best if you can think of any password as keeping your door and windows locked.  
They will stop most opportunistic attempts, but not anyone who is determined 
to break in.  It is unlikely your passwords will stop state actors.  A strong 
password, like a strong door lock, buys you time.  Hence the general 
recommendation to change your passwords frequently.


> In the real world tho, how do people reading this make passwords that no
> one could ever guess?

You can use gpg, or openssl, or app-admin/apg, or app-admin/pwgen, to generate 
random enough strings to use as passwords.  They will be difficult to guess, 
but will be VERY difficult to remember.  You'll have to store them offline 
and/or protect them in turn with some master passphrase you can remember.

As an example, you could choose characters/strings from the output stored in 
file.txt, when you run:

< /dev/random tr -dc "[:space:][:print:]" | head -c500 > file.txt


> I use Bitwarden to handle website passwords and
> it does a good job.  I make up my own tho when encrypting drives.  I'm
> not sure I can really use Bitwarden for that given it is a command line
> thing, well, in a script in my case.  I doubt anyone would ever guess
> any of my passwords but how do people reading this do theirs?  Just how
> far do you really go to make it secure?  Obviously you shouldn't give up
> much detail but just some general ideas.  Maybe even a example or two of
> a fake password, just something that you would come up with and how. 
> 
> This is the two sites I use. 
> 
> 
> https://www.passwordmonster.com/
> 
> https://www.security.org/how-secure-is-my-password/
> 
> 
> I have a password in the first one that shows this:
> 
> 
> It would take a computer about 63 thousand years to crack your password
> 
> 
> Second one says this.
> 
> It would take a computer about 5 million years to crack your password
> 
> Exact same password in both.  Why such a large range to crack?

I don't know why these guys come up with different years-equivalent strength, 
but I tend to treat such websites as suspicious.  They are more likely to act 
as a honeypot to *record* your passwords, than provide you with truly 
meaningful information.  I suppose you could use them to test an example of a 
password you would never use thereafter, but even this could reveal some 
underlying pattern in how you structure your passwords.


> I tend
> to use the first site to create a password.  Then I test it in the
> second site to sort of confirm it.  If both say a long time, then I got
> a fairly good one depending on what I'm protecting.  Still, why such a
> difference?  One reason I use the first site, I can make it show the
> password.  The second site doesn't do that so editing it to improve
> things is harder since you can't see it.  The first site makes that easy
> and gives me a idea of whether I'm on the right track.  Second site
> confirms it.  I did contact the second site and ask for a button to show
> the password.  After all, no one is here but me.  My windows are covered. 
> 
> Also, I use  cryptsetup luksFormat -s 512 ... to encrypt things.  Is
> that 512 a good number?  Can it be something different?  I'd think since
> it is needed as a option, it can have different values and encrypt
> stronger or weaker.  Is that the case?  I've tried to find out but it
> seems everyone uses 512.  If that is the only value, why make it a
> option?  I figure it can have other values but how does that work? 

The size of key options depend on the block cipher.  A larger key size tends 
to be stronger, but its processing slower.  Embedded devices without hardware 
accelerated crypto could struggle with larger key sizes.
 

> Heck, a link to some good info on that would be good.  :-)

https://gitlab.com/cryptsetup/cryptsetup/-/blob/main/FAQ.md

https://gitlab.com/cryptsetup/cryptsetup/wikis/LUKS-standard/on-disk-format.pdf

https://wiki.archlinux.org/title/Data-at-rest_encryption

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.

[Jude DaShiell]

I generate random passwords using dice.  First and last characters in
passwords are letters that's arbitrary buys more time.  Those should have
lengths over 13 and before the agency I used to work for went to
smartcards and 256 character random passwords their last standard was 16
characters with minimum two symbols minimum two numbers minimum two
upper-case and minimum two lower-case.  No dictionary words or keyboard
walking allowed.  Firewall piercing with laptops got used regularly by
state actors and there is a firewall-piercing-howto file on the internet
for anyone interested.
The remaining characters first got their sets chosen.  A 1 on dice picked
a number for that spot and a 6 picked a symbol.  Two or 3 picked an
upper-case and 4 or 5 picked a lower-case.  Once the set spots got figured
five dice got used for letters add the total and subtract 4 for the
particular letter.  three dice got used for symbols with a single dice
roll of either odd for first 16 symbols or even single dice roll for
second 16 symbols.  Your choice as to put which 16 symbols in the even and
odd sets those could be randomized.  Numbers used two dice with 2
subtracted from total and a 2 rolled with the dice returned a 0.  Slow and
necessary to write worksheet down as dice rolling proceeded and password
needed writing down on completion.  Since I do most of my writing in
braille I have a good encryption system I can encrypt further by using the
old English braille instead of the American braille.  American braille has
dot arrangement 123 down left side of cell for reading and 4 5 6 down
right side of cell for reading.  English braille has 1 3 5 down the left
side and 2 4 6 down the right side of the cell for reading.  Those are dot
number arrangements.  Braille readers on this list I expect maybe only one
other will understand what I just wrote.


-- Jude <jdashiel at panix dot com> "There are four boxes to be used in
defense of liberty: soap, ballot, jury, and ammo. Please use in that
order." Ed Howdershelt 1940.

On Tue, 19 Sep 2023, Michael wrote:

> On Tuesday, 19 September 2023 06:36:13 BST Dale wrote:
> > Howdy,
> >
> > As some know, I encrypt a lot of stuff here.  I use passwords that I can
> > recall but no one could ever guess.  I don't use things that someone may
> > figure out like pet's name or anything like that.  I use a couple sites
> > to see just how good my passwords are.  I try to get into the millions
> > of years at least.  I have a couple that it claims is in the trillions
> > of years to crack.  I've read some things not to use like pet names and
> > such.  I've also read that one should use upper and lower case letters,
> > symbols and such and I do that, especially on my stuff I never want to
> > be cracked.  Some stuff, when I'm dead, it's gone.
>
> As/when quantum computers development progresses, many/some passwords and
> hashes will be cracked/brute forced (RSA encryption springs to mind).  It is
> best if you can think of any password as keeping your door and windows locked.
> They will stop most opportunistic attempts, but not anyone who is determined
> to break in.  It is unlikely your passwords will stop state actors.  A strong
> password, like a strong door lock, buys you time.  Hence the general
> recommendation to change your passwords frequently.
>
>
> > In the real world tho, how do people reading this make passwords that no
> > one could ever guess?
>
> You can use gpg, or openssl, or app-admin/apg, or app-admin/pwgen, to generate
> random enough strings to use as passwords.  They will be difficult to guess,
> but will be VERY difficult to remember.  You'll have to store them offline
> and/or protect them in turn with some master passphrase you can remember.
>
> As an example, you could choose characters/strings from the output stored in
> file.txt, when you run:
>
> < /dev/random tr -dc "[:space:][:print:]" | head -c500 > file.txt
>
>
> > I use Bitwarden to handle website passwords and
> > it does a good job.  I make up my own tho when encrypting drives.  I'm
> > not sure I can really use Bitwarden for that given it is a command line
> > thing, well, in a script in my case.  I doubt anyone would ever guess
> > any of my passwords but how do people reading this do theirs?  Just how
> > far do you really go to make it secure?  Obviously you shouldn't give up
> > much detail but just some general ideas.  Maybe even a example or two of
> > a fake password, just something that you would come up with and how.
> >
> > This is the two sites I use.
> >
> >
> > https://www.passwordmonster.com/
> >
> > https://www.security.org/how-secure-is-my-password/
> >
> >
> > I have a password in the first one that shows this:
> >
> >
> > It would take a computer about 63 thousand years to crack your password
> >
> >
> > Second one says this.
> >
> > It would take a computer about 5 million years to crack your password
> >
> > Exact same password in both.  Why such a large range to crack?
>
> I don't know why these guys come up with different years-equivalent strength,
> but I tend to treat such websites as suspicious.  They are more likely to act
> as a honeypot to *record* your passwords, than provide you with truly
> meaningful information.  I suppose you could use them to test an example of a
> password you would never use thereafter, but even this could reveal some
> underlying pattern in how you structure your passwords.
>
>
> > I tend
> > to use the first site to create a password.  Then I test it in the
> > second site to sort of confirm it.  If both say a long time, then I got
> > a fairly good one depending on what I'm protecting.  Still, why such a
> > difference?  One reason I use the first site, I can make it show the
> > password.  The second site doesn't do that so editing it to improve
> > things is harder since you can't see it.  The first site makes that easy
> > and gives me a idea of whether I'm on the right track.  Second site
> > confirms it.  I did contact the second site and ask for a button to show
> > the password.  After all, no one is here but me.  My windows are covered.
> >
> > Also, I use  cryptsetup luksFormat -s 512 ... to encrypt things.  Is
> > that 512 a good number?  Can it be something different?  I'd think since
> > it is needed as a option, it can have different values and encrypt
> > stronger or weaker.  Is that the case?  I've tried to find out but it
> > seems everyone uses 512.  If that is the only value, why make it a
> > option?  I figure it can have other values but how does that work?
>
> The size of key options depend on the block cipher.  A larger key size tends
> to be stronger, but its processing slower.  Embedded devices without hardware
> accelerated crypto could struggle with larger key sizes.
>
>
> > Heck, a link to some good info on that would be good.  :-)
>
> https://gitlab.com/cryptsetup/cryptsetup/-/blob/main/FAQ.md
>
> https://gitlab.com/cryptsetup/cryptsetup/wikis/LUKS-standard/on-disk-format.pdf
>
> https://wiki.archlinux.org/title/Data-at-rest_encryption
>

Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.

[Dale]

Jude DaShiell wrote:
> I generate random passwords using dice.  First and last characters in
> passwords are letters that's arbitrary buys more time.  Those should have
> lengths over 13 and before the agency I used to work for went to
> smartcards and 256 character random passwords their last standard was 16
> characters with minimum two symbols minimum two numbers minimum two
> upper-case and minimum two lower-case.  No dictionary words or keyboard
> walking allowed.  Firewall piercing with laptops got used regularly by
> state actors and there is a firewall-piercing-howto file on the internet
> for anyone interested.
> The remaining characters first got their sets chosen.  A 1 on dice picked
> a number for that spot and a 6 picked a symbol.  Two or 3 picked an
> upper-case and 4 or 5 picked a lower-case.  Once the set spots got figured
> five dice got used for letters add the total and subtract 4 for the
> particular letter.  three dice got used for symbols with a single dice
> roll of either odd for first 16 symbols or even single dice roll for
> second 16 symbols.  Your choice as to put which 16 symbols in the even and
> odd sets those could be randomized.  Numbers used two dice with 2
> subtracted from total and a 2 rolled with the dice returned a 0.  Slow and
> necessary to write worksheet down as dice rolling proceeded and password
> needed writing down on completion.  Since I do most of my writing in
> braille I have a good encryption system I can encrypt further by using the
> old English braille instead of the American braille.  American braille has
> dot arrangement 123 down left side of cell for reading and 4 5 6 down
> right side of cell for reading.  English braille has 1 3 5 down the left
> side and 2 4 6 down the right side of the cell for reading.  Those are dot
> number arrangements.  Braille readers on this list I expect maybe only one
> other will understand what I just wrote.
>
>
> -- Jude <jdashiel at panix dot com> "There are four boxes to be used in
> defense of liberty: soap, ballot, jury, and ammo. Please use in that
> order." Ed Howdershelt 1940.

It is interesting what people can come up with.  Thing is, if one uses a
true random generated password, they are hard to crack but also hard to
remember.  I try to come up with something that will be hard to crack
but easy for me to remember.  Thing is, I do have a few passwords to
keep up with.  I recently changed my root password.  I plan to change my
user password soon.  Then I have the password for Bitwarden.  Then I
have the password for the NAS, three external hard drives with different
passwords for each etc.  That's a lot to remember.  To be honest, it's
getting to be a bit much.  Associating one password to one item is also
difficult.  Unless one leaves clues.  Thing is, those clues reveal
things as well. 

For websites, I really like Bitwarden.  I remember one password and it
can generate passwords for all the websites I use.  The passwords it
generates are pretty random.  For sites that don't allow symbols, I can
turn that off.  The big point, I only remember one password.  Thing is,
on one hand I need help remembering all these passwords.  On the other
hand, that is a risk itself. 

This reminds me of a tennis ball.  It just goes back and forth. 

Dale

:-)  :-)

> On Tue, 19 Sep 2023, Michael wrote:
>
>> On Tuesday, 19 September 2023 06:36:13 BST Dale wrote:
>>> Howdy,
>>>
>>> As some know, I encrypt a lot of stuff here.  I use passwords that I can
>>> recall but no one could ever guess.  I don't use things that someone may
>>> figure out like pet's name or anything like that.  I use a couple sites
>>> to see just how good my passwords are.  I try to get into the millions
>>> of years at least.  I have a couple that it claims is in the trillions
>>> of years to crack.  I've read some things not to use like pet names and
>>> such.  I've also read that one should use upper and lower case letters,
>>> symbols and such and I do that, especially on my stuff I never want to
>>> be cracked.  Some stuff, when I'm dead, it's gone.
>> As/when quantum computers development progresses, many/some passwords and
>> hashes will be cracked/brute forced (RSA encryption springs to mind).  It is
>> best if you can think of any password as keeping your door and windows locked.
>> They will stop most opportunistic attempts, but not anyone who is determined
>> to break in.  It is unlikely your passwords will stop state actors.  A strong
>> password, like a strong door lock, buys you time.  Hence the general
>> recommendation to change your passwords frequently.
>>
>>
>>> In the real world tho, how do people reading this make passwords that no
>>> one could ever guess?
>> You can use gpg, or openssl, or app-admin/apg, or app-admin/pwgen, to generate
>> random enough strings to use as passwords.  They will be difficult to guess,
>> but will be VERY difficult to remember.  You'll have to store them offline
>> and/or protect them in turn with some master passphrase you can remember.
>>
>> As an example, you could choose characters/strings from the output stored in
>> file.txt, when you run:
>>
>> < /dev/random tr -dc "[:space:][:print:]" | head -c500 > file.txt
>>
>>
>>> I use Bitwarden to handle website passwords and
>>> it does a good job.  I make up my own tho when encrypting drives.  I'm
>>> not sure I can really use Bitwarden for that given it is a command line
>>> thing, well, in a script in my case.  I doubt anyone would ever guess
>>> any of my passwords but how do people reading this do theirs?  Just how
>>> far do you really go to make it secure?  Obviously you shouldn't give up
>>> much detail but just some general ideas.  Maybe even a example or two of
>>> a fake password, just something that you would come up with and how.
>>>
>>> This is the two sites I use.
>>>
>>>
>>> https://www.passwordmonster.com/
>>>
>>> https://www.security.org/how-secure-is-my-password/
>>>
>>>
>>> I have a password in the first one that shows this:
>>>
>>>
>>> It would take a computer about 63 thousand years to crack your password
>>>
>>>
>>> Second one says this.
>>>
>>> It would take a computer about 5 million years to crack your password
>>>
>>> Exact same password in both.  Why such a large range to crack?
>> I don't know why these guys come up with different years-equivalent strength,
>> but I tend to treat such websites as suspicious.  They are more likely to act
>> as a honeypot to *record* your passwords, than provide you with truly
>> meaningful information.  I suppose you could use them to test an example of a
>> password you would never use thereafter, but even this could reveal some
>> underlying pattern in how you structure your passwords.
>>
>>
>>> I tend
>>> to use the first site to create a password.  Then I test it in the
>>> second site to sort of confirm it.  If both say a long time, then I got
>>> a fairly good one depending on what I'm protecting.  Still, why such a
>>> difference?  One reason I use the first site, I can make it show the
>>> password.  The second site doesn't do that so editing it to improve
>>> things is harder since you can't see it.  The first site makes that easy
>>> and gives me a idea of whether I'm on the right track.  Second site
>>> confirms it.  I did contact the second site and ask for a button to show
>>> the password.  After all, no one is here but me.  My windows are covered.
>>>
>>> Also, I use  cryptsetup luksFormat -s 512 ... to encrypt things.  Is
>>> that 512 a good number?  Can it be something different?  I'd think since
>>> it is needed as a option, it can have different values and encrypt
>>> stronger or weaker.  Is that the case?  I've tried to find out but it
>>> seems everyone uses 512.  If that is the only value, why make it a
>>> option?  I figure it can have other values but how does that work?
>> The size of key options depend on the block cipher.  A larger key size tends
>> to be stronger, but its processing slower.  Embedded devices without hardware
>> accelerated crypto could struggle with larger key sizes.
>>
>>
>>> Heck, a link to some good info on that would be good.  :-)
>> https://gitlab.com/cryptsetup/cryptsetup/-/blob/main/FAQ.md
>>
>> https://gitlab.com/cryptsetup/cryptsetup/wikis/LUKS-standard/on-disk-format.pdf
>>
>> https://wiki.archlinux.org/title/Data-at-rest_encryption
>>
>

[gentoo-user] Re: Password questions, looking for opinions. cryptsetup question too.

[Grant Edwards]

On 2023-09-20, Dale <rdalek1967@gmail.com> wrote:

> For websites, I really like Bitwarden.  I remember one password and it
> can generate passwords for all the websites I use.  The passwords it
> generates are pretty random.  For sites that don't allow symbols, I can
> turn that off.  The big point, I only remember one password.  Thing is,
> on one hand I need help remembering all these passwords.  On the other
> hand, that is a risk itself.

I second the recommendation of Bitwarden.  I used to use Lastpass but
they discontinued their free version, and the entry-level price was
just too high. I was so impressed with Bitwarden's support that I did
end up subsribing to their lowest-level paid service even though I
don't really need any of the extras that gets me.  It's also nice to
know that I can set up my own Bitwarden server if I want to.

If you're using Bitwarden's cloudy storage, don't forget to back up
your password database locally too.  I always back it up in human
readable format and then encrypt it using openssl command-line
methods. You don't want to have to depend on either Bitwarden's
servers or the Bitwarden app to retreive your passwords.

--
Grant

Re: [gentoo-user] Re: Password questions, looking for opinions. cryptsetup question too.

[Dale]

Grant Edwards wrote:
> On 2023-09-20, Dale <rdalek1967@gmail.com> wrote:
>
>> For websites, I really like Bitwarden.  I remember one password and it
>> can generate passwords for all the websites I use.  The passwords it
>> generates are pretty random.  For sites that don't allow symbols, I can
>> turn that off.  The big point, I only remember one password.  Thing is,
>> on one hand I need help remembering all these passwords.  On the other
>> hand, that is a risk itself.
> I second the recommendation of Bitwarden.  I used to use Lastpass but
> they discontinued their free version, and the entry-level price was
> just too high. I was so impressed with Bitwarden's support that I did
> end up subsribing to their lowest-level paid service even though I
> don't really need any of the extras that gets me.  It's also nice to
> know that I can set up my own Bitwarden server if I want to.
>
> If you're using Bitwarden's cloudy storage, don't forget to back up
> your password database locally too.  I always back it up in human
> readable format and then encrypt it using openssl command-line
> methods. You don't want to have to depend on either Bitwarden's
> servers or the Bitwarden app to retreive your passwords.
>
> --
> Grant
>

Usually, once a year I change my major passwords, bank, credit card,
ebay, Paypal, Amazon and such.  I have a folder thingy that I store
those in to make sure I don't forget to change something important. 
Anyway, when I do that and use the new passwords successfully, I make a
backup copy and on my rig, I can encrypt it with a right click.  I then
shred the original.  While I think Bitwarden will be around and they
will work fine, one never knows. 

I'm thinking of making a one time donation to Bitwarden.  Just to help
them out.  I can't do much but I can do that.  I used Lastpass until
they switched too. I actually imported my passwords from one to the
other.  It seems to work the same way to me. 

I still use Lastpass in Seamonkey.  Bitwarden doesn't have a plugin for
Seamonkey that I've found.  Lastpass hasn't been updated in ages
either.  Once Firefox did their major changes a few years ago, a lot of
old plugins are no longer maintained.  Seamonkey needs to catch up or it
is going to die. 

Dale

:-)  :-) 

Re: [gentoo-user] Re: Password questions, looking for opinions. cryptsetup question too.

[Frank Steinmetzger]

[-- Attachment #1: Type: text/plain, Size: 519 bytes --]

Am Tue, Sep 19, 2023 at 11:49:24PM -0500 schrieb Dale:

> Anyway, when I do that and use the new passwords successfully, I make a
> backup copy and on my rig, I can encrypt it with a right click.  I then
> shred the original.

Just on a sidenote, once you’re on an SSD, shredding has no use and is 
actually detrimental.

-- 
Grüße | Greetings | Salut | Qapla’
Please do not share anything from, with or about me on any social network.

On Mondays I feel like Robinson -- I’m waiting for Friday.

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

Re: [gentoo-user] Re: Password questions, looking for opinions. cryptsetup question too.

[Rich Freeman]

On Wed, Sep 20, 2023 at 4:22 PM Frank Steinmetzger <Warp_7@gmx.de> wrote:
>
> Am Tue, Sep 19, 2023 at 11:49:24PM -0500 schrieb Dale:
>
> > Anyway, when I do that and use the new passwords successfully, I make a
> > backup copy and on my rig, I can encrypt it with a right click.  I then
> > shred the original.
>
> Just on a sidenote, once you’re on an SSD, shredding has no use and is
> actually detrimental.
>

I'm not sure I'd go quite that far, but it certainly isn't as effective.

No way to be certain how well it works, but it is certainly worth
doing an ATA Secure Erase command on the drive.  A good SSD should
implement that in a way that ensures all the data is actually
unretrievable (probably by implementing full disk encryption and
erasing the key).  Of course, there is no way to tell if the drive was
implemented well.

Full-disk encryption at the OS level is of course the best way to
protect against recovery of data on a discarded disk.

-- 
Rich

Re: [gentoo-user] Re: Password questions, looking for opinions. cryptsetup question too.

[Frank Steinmetzger]

[-- Attachment #1: Type: text/plain, Size: 1071 bytes --]

Am Wed, Sep 20, 2023 at 04:51:36PM -0400 schrieb Rich Freeman:

> > > Anyway, when I do that and use the new passwords successfully, I make a
> > > backup copy and on my rig, I can encrypt it with a right click.  I then
> > > shred the original.
> >
> > Just on a sidenote, once you’re on an SSD, shredding has no use and is
> > actually detrimental.
> >
> 
> I'm not sure I'd go quite that far, but it certainly isn't as effective.
> 
> No way to be certain how well it works, but it is certainly worth
> doing an ATA Secure Erase command on the drive.  A good SSD should
> implement that in a way that ensures all the data is actually
> unretrievable (probably by implementing full disk encryption and
> erasing the key).  Of course, there is no way to tell if the drive was
> implemented well.

Uhm, Dale was talking of a single file, not an entire disk. ;-)

-- 
Grüße | Greetings | Salut | Qapla’
Please do not share anything from, with or about me on any social network.

do something for your image -- let yourself be seen with me.

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.

[hitachi303]

Am 20.09.23 um 04:41 schrieb Dale:
> It is interesting what people can come up with.  Thing is, if one uses a
> true random generated password, they are hard to crack but also hard to
> remember.  I try to come up with something that will be hard to crack
> but easy for me to remember.

If someone has a child one can always frame the first language test and 
put it at the wall in the office together with some family photos. Those 
spelling errors might not be random but for all practical use they are 
not predictable. One can always look it up. Just remember the line of 
the password. This is hidden in plain sight.

Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.

[Wols Lists]

On 19/09/2023 10:10, Jude DaShiell wrote:
> Once the set spots got figured
> five dice got used for letters add the total and subtract 4 for the
> particular letter.

Which actually isn't random. It's a bell curve peaking probably between 
J and M. Think, if you throw 2 dice, there are 36 possible combinations. 
Only one of them generates 2, only one generates 12, but 6 combinations 
can generate 7.

Cheers,
Wol

Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.

[Rich Freeman]

On Tue, Sep 19, 2023 at 4:26 AM Michael <confabulate@kintzios.com> wrote:
>
> On Tuesday, 19 September 2023 06:36:13 BST Dale wrote:
> > Howdy,
> >
> A strong
> password, like a strong door lock, buys you time.  Hence the general
> recommendation to change your passwords frequently.

While that can help on websites, it is of no use for full disk
encryption passwords - at least not without jumping through some big
hoops.

In order to crack your LUKS password somebody obviously needs to be
able to read the encrypted contents of your disk.  They cannot begin
cracking it until they have a copy of the LUKS headers.  However, once
they do have it, they can make a copy and crack it at their leisure.
If they manage to crack it, then it will give them the volume key.  At
that point if they were able to make a full copy of your disk they can
read whatever was on it at the time.  If they can make a fresh copy of
your disk then changing the passphrase will not change the volume key,
and so they'll be able to read what is currently on your disk.

Changing the volume key would defeat this, but requires running
cryptsetup-reencrypt which will take considerable time/CPU, though it
sounds like it can be done online.

> > In the real world tho, how do people reading this make passwords that no
> > one could ever guess?

You didn't ask this question, but I'll just note that most
organizations don't use human-readable passwords to implement full
disk encryption. The most commonly used solution is to use a TPM to
measure the boot process and secure the disk encryption keys.  If the
system is booted normally, the bootloader can read the encryption keys
from the TPM and can decrypt the disk without any user interaction (or
even awareness it is happening).  If the system is booted from
alternative media, or the on-disk bootloader is tampered with, or even
if the firmware is tampered with, then the TPM measurements will not
agree with those used to store the key, and the TPM will not allow the
keys to be read.

This is how solutions like Bitlocker work.

The components for this exist in the Linux world, but I'm not aware of
any distro/etc actually implementing this with a pretty front-end, and
there are obviously details that need to be carefully handled so that
a bootloader or firmware update doesn't render your disk unreadable.
Typically software implementations have ways to store "recovery keys"
for these situations (just another copy of the disk key stored outside
the TPM).

> You can use gpg, or openssl, or app-admin/apg, or app-admin/pwgen, to generate
> random enough strings to use as passwords.

You might want to also consider app-admin/xkcdpass

> > Also, I use  cryptsetup luksFormat -s 512 ... to encrypt things.  Is
> > that 512 a good number?  Can it be something different?  I'd think since
> > it is needed as a option, it can have different values and encrypt
> > stronger or weaker.  Is that the case?  I've tried to find out but it
> > seems everyone uses 512.  If that is the only value, why make it a
> > option?  I figure it can have other values but how does that work?

You can use a different size, but 512b is the recommended value for
the default cipher.  It is also the default I believe, so there isn't
much point in passing it.  Actually, I'd consider passing that
parameter harmful unless you also specify the cipher.  If in the
future the default changes to some other cipher, perhaps 512b will no
longer be appropriate, and you'll weaken it by specifying one and not
the other.

If you just want to trust the defaults, then trust the defaults.

As to why 512b is the recommendation, that seems like it would require
a LOT more reading.  Apparently it is in an IEEE standard and I'd need
to grok a lot more crypto to appreciate it.

-- 
Rich

Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.

[Dale]

Hmmmm,

For some reason, I didn't get Michael's email.  I see him being quoted
but don't have his original.  I wonder what is up with that.  O-o


Rich Freeman wrote:
> On Tue, Sep 19, 2023 at 4:26 AM Michael <confabulate@kintzios.com> wrote:
>> On Tuesday, 19 September 2023 06:36:13 BST Dale wrote:
>>> Howdy,
>>>
>> A strong
>> password, like a strong door lock, buys you time.  Hence the general
>> recommendation to change your passwords frequently.
> While that can help on websites, it is of no use for full disk
> encryption passwords - at least not without jumping through some big
> hoops.
>
> In order to crack your LUKS password somebody obviously needs to be
> able to read the encrypted contents of your disk.  They cannot begin
> cracking it until they have a copy of the LUKS headers.  However, once
> they do have it, they can make a copy and crack it at their leisure.
> If they manage to crack it, then it will give them the volume key.  At
> that point if they were able to make a full copy of your disk they can
> read whatever was on it at the time.  If they can make a fresh copy of
> your disk then changing the passphrase will not change the volume key,
> and so they'll be able to read what is currently on your disk.
>
> Changing the volume key would defeat this, but requires running
> cryptsetup-reencrypt which will take considerable time/CPU, though it
> sounds like it can be done online.
>


Let's jump into a hypothetical here.  Let's say I'm a nasty terrorist or
some other really evil dude.  Let's say I have passwords are that really
good.  Let's say around 20 characters and a really nice mix of
characters.  If some gov't agency got my hard drive, how long would it
take for them to crack it?  I know when Snowden released all that info,
there was some changes to encryption.  Still, do they have the ability
to crack them without much trouble?  Is there something better to use
than what I'm using now?

I might add, when I configured my three drive setup, I sort of did it a
different way.  I still used cryptsetup but I used it later in the
process.  I also made sure to put the luks bit in.  That way I can
change passwords if needed.  I found a new howto and it seems to end the
same way but it's done in layers.  Luks first and then encryption but
different somehow.  Mostly, I can change passwords on it.  I don't
really get the whole thing, yet.  If I read it enough, my light bulb
will come on.  o_O 


>
>>> Also, I use  cryptsetup luksFormat -s 512 ... to encrypt things.  Is
>>> that 512 a good number?  Can it be something different?  I'd think since
>>> it is needed as a option, it can have different values and encrypt
>>> stronger or weaker.  Is that the case?  I've tried to find out but it
>>> seems everyone uses 512.  If that is the only value, why make it a
>>> option?  I figure it can have other values but how does that work?
> You can use a different size, but 512b is the recommended value for
> the default cipher.  It is also the default I believe, so there isn't
> much point in passing it.  Actually, I'd consider passing that
> parameter harmful unless you also specify the cipher.  If in the
> future the default changes to some other cipher, perhaps 512b will no
> longer be appropriate, and you'll weaken it by specifying one and not
> the other.
>
> If you just want to trust the defaults, then trust the defaults.
>
> As to why 512b is the recommendation, that seems like it would require
> a LOT more reading.  Apparently it is in an IEEE standard and I'd need
> to grok a lot more crypto to appreciate it.
>

Well, I was wondering if it could be set to 1024 and it make the
encryption stronger or something.  I've searched but no one explains
what that number really does other than set something.  Since that is
the default, I guess I can leave that out of my command.  Save me some
typing.  Anyway, 512 it is. 

Dale

:-)  :-) 

Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.

[Michael]

[-- Attachment #1: Type: text/plain, Size: 2075 bytes --]

On Tuesday, 19 September 2023 12:13:40 BST Dale wrote:
> Hmmmm,
> 
> For some reason, I didn't get Michael's email.  I see him being quoted
> but don't have his original.  I wonder what is up with that.  O-o

Assuming you will receive this message, have a look here:

https://marc.info/?l=gentoo-user&m=169511184714476&w=2


> Rich Freeman wrote:
> > On Tue, Sep 19, 2023 at 4:26 AM Michael <confabulate@kintzios.com> wrote:
> >> On Tuesday, 19 September 2023 06:36:13 BST Dale wrote:
> >>> Howdy,
> >> 
> >> A strong
> >> password, like a strong door lock, buys you time.  Hence the general
> >> recommendation to change your passwords frequently.
> > 
> > While that can help on websites, it is of no use for full disk
> > encryption passwords - at least not without jumping through some big
> > hoops.
> > 
> > In order to crack your LUKS password somebody obviously needs to be
> > able to read the encrypted contents of your disk.  They cannot begin
> > cracking it until they have a copy of the LUKS headers.  However, once
> > they do have it, they can make a copy and crack it at their leisure.
> > If they manage to crack it, then it will give them the volume key.  At
> > that point if they were able to make a full copy of your disk they can
> > read whatever was on it at the time.  If they can make a fresh copy of
> > your disk then changing the passphrase will not change the volume key,
> > and so they'll be able to read what is currently on your disk.
> > 
> > Changing the volume key would defeat this, but requires running
> > cryptsetup-reencrypt which will take considerable time/CPU, though it
> > sounds like it can be done online.
> 
> Let's jump into a hypothetical here.  Let's say I'm a nasty terrorist or
> some other really evil dude.  Let's say I have passwords are that really
> good.  Let's say around 20 characters and a really nice mix of
> characters.  If some gov't agency got my hard drive, how long would it
> take for them to crack it?

A couple of minutes?

https://xkcd.com/538/

:-)

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.

[hitachi303]

Am 19.09.23 um 13:47 schrieb Michael:
> A couple of minutes?
> 
> https://xkcd.com/538/
> 
> 😄

Most crypto nerds have a wrench at home. The gov. can even save those 5$.
:-)

Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.

[Dale]

Michael wrote:
> On Tuesday, 19 September 2023 12:13:40 BST Dale wrote:
>> Hmmmm,
>>
>> For some reason, I didn't get Michael's email.  I see him being quoted
>> but don't have his original.  I wonder what is up with that.  O-o
> Assuming you will receive this message, have a look here:
>
> https://marc.info/?l=gentoo-user&m=169511184714476&w=2
>
>
>> Rich Freeman wrote:
>>> On Tue, Sep 19, 2023 at 4:26 AM Michael <confabulate@kintzios.com> wrote:
>>>> On Tuesday, 19 September 2023 06:36:13 BST Dale wrote:
>>>>> Howdy,
>>>> A strong
>>>> password, like a strong door lock, buys you time.  Hence the general
>>>> recommendation to change your passwords frequently.
>>> While that can help on websites, it is of no use for full disk
>>> encryption passwords - at least not without jumping through some big
>>> hoops.
>>>
>>> In order to crack your LUKS password somebody obviously needs to be
>>> able to read the encrypted contents of your disk.  They cannot begin
>>> cracking it until they have a copy of the LUKS headers.  However, once
>>> they do have it, they can make a copy and crack it at their leisure.
>>> If they manage to crack it, then it will give them the volume key.  At
>>> that point if they were able to make a full copy of your disk they can
>>> read whatever was on it at the time.  If they can make a fresh copy of
>>> your disk then changing the passphrase will not change the volume key,
>>> and so they'll be able to read what is currently on your disk.
>>>
>>> Changing the volume key would defeat this, but requires running
>>> cryptsetup-reencrypt which will take considerable time/CPU, though it
>>> sounds like it can be done online.
>> Let's jump into a hypothetical here.  Let's say I'm a nasty terrorist or
>> some other really evil dude.  Let's say I have passwords are that really
>> good.  Let's say around 20 characters and a really nice mix of
>> characters.  If some gov't agency got my hard drive, how long would it
>> take for them to crack it?
> A couple of minutes?
>
> https://xkcd.com/538/
>
> :-)


I did get this one.  I also got the other message, I think at the same
time.  It sure did arrive late tho.  I have mine set up to view as
threads.  This thread looked odd until it got the previous message. 
Must have got hung up somewhere.  Maybe a server somewhere had to reboot
and it took a while.  ROFL 

I like the cartoon.  In some countries, that would likely be a first
option.  :/

Dale

:-)  :-) 

Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.

[Dale]

Michael wrote:
> On Tuesday, 19 September 2023 06:36:13 BST Dale wrote:
>
>> Heck, a link to some good info on that would be good.  :-)
> https://gitlab.com/cryptsetup/cryptsetup/-/blob/main/FAQ.md
>
> https://gitlab.com/cryptsetup/cryptsetup/wikis/LUKS-standard/on-disk-format.pdf
>
> https://wiki.archlinux.org/title/Data-at-rest_encryption

Oops.  Should have sent this in other message. 

Interesting links.  Some of the info I'm clueless.  I don't know some of
the terms and what they mean.  Some of it I get tho.  Basically, despite
people wanting to encrypt to protect data, some powerful entities can
still crack it no matter how good the password or phrase is.  It seems
encryption done 'on the fly' I think is the phrase they use is just very
hard to do without some serious CPU power or other tools.  Am I getting it?

I have a question tho.  Can a person use a password/pass phrase that is
like this:  'This is a stupid pass phrase.'   Does it accept that even
with spaces?  I know file names can have spaces for a long while now but
way back, you couldn't do that easily.  One had to use dashes or
underscores.  Uses spaces could open a few options. 

Dale

:-)  :-) 

Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.

[Michael]

[-- Attachment #1: Type: text/plain, Size: 3006 bytes --]

On Wednesday, 20 September 2023 05:19:18 BST Dale wrote:
> Michael wrote:
> > On Tuesday, 19 September 2023 06:36:13 BST Dale wrote:
> >> Heck, a link to some good info on that would be good.  :-)
> > 
> > https://gitlab.com/cryptsetup/cryptsetup/-/blob/main/FAQ.md
> > 
> > https://gitlab.com/cryptsetup/cryptsetup/wikis/LUKS-standard/on-disk-forma
> > t.pdf
> > 
> > https://wiki.archlinux.org/title/Data-at-rest_encryption
> 
> Oops.  Should have sent this in other message. 
> 
> Interesting links.  Some of the info I'm clueless.  I don't know some of
> the terms and what they mean.  Some of it I get tho.  Basically, despite
> people wanting to encrypt to protect data, some powerful entities can
> still crack it no matter how good the password or phrase is.  It seems
> encryption done 'on the fly' I think is the phrase they use is just very
> hard to do without some serious CPU power or other tools.  Am I getting it?

Security can be compromised because people use easy to guess passwords, or by 
using side-channel attack methods.  As Snowden mentioned, if you rely on a low 
entropy device, e.g. a mobile phone, on which the base frequency can also be 
compromised, then that could be the weakest link for an attack.  Not to 
mention keyloggers and various MITM attacks, which on phones at least are 
rumoured to be the way to compromise a device.  Cracking algos and ciphers is 
computationally more expensive, performed offline and probably the last 
resort.  That said, if you assume state actors are at least 10 years ahead of 
you in terms of technological solutions and resources, you'd be at the right 
ballpark.


> I have a question tho.  Can a person use a password/pass phrase that is
> like this:  'This is a stupid pass phrase.'   Does it accept that even
> with spaces?  I know file names can have spaces for a long while now but
> way back, you couldn't do that easily.  One had to use dashes or
> underscores.  Uses spaces could open a few options. 

Generally speaking space characters are a poor choice for randomness.  I 
recall seeing some documentary about the Enigma machine used by the German 
military during the 2nd WW.  To minimise attempts to brute force the 
ciphertext, they started by identifying which letter(s) were most frequently 
used in the German language - e.g. the letter "e", then the second most 
frequent letter and so on.  This statistical analysis approach in combination 
with likely message content reduced the number of guesses.  In principle, a 
repeated space character in your passphrase could help reduce the 
computational burden of an offline brute force attack, by e.g. helping an 
attacker to identify the number of individual words in a passphrase.  All 
these passphrases and whatever other private info you pasted into different 
websites could also be harvested and used to determine some statistical 
pattern in your selected passphrases.  However, different ciphers and stronger 
keys guard against easy cracking by brute force.


[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.

[Frank Steinmetzger]

[-- Attachment #1: Type: text/plain, Size: 3175 bytes --]

Am Wed, Sep 20, 2023 at 01:28:09PM +0100 schrieb Michael:

> > I have a question tho.  Can a person use a password/pass phrase that is
> > like this:  'This is a stupid pass phrase.'   Does it accept that even
> > with spaces? I know file names can have spaces for a long while now but
> > way back, you couldn't do that easily.  One had to use dashes or
> > underscores.

Sure, why not? It’s a string like any other. No spaces in filenames where a 
restriction of (now outdated) file systems. And I guess developers didn’t 
account for them back in those days (and later out of habit). When I used 
DOS, of course I adhered to the 8.3 rule. But ever since I started using 
Windows, XP at the latest (2001), I wholly started using spaces everywhere 
and never looked back. The programs that had problems with spaces were few 
and script authors should just adhere to best practices and put filename 
variables in quotes, so they can work with spaces. The only nuissance they 
pose for me is it may make tab completion cumbersome sometimes.

PS.: I find underscores ugly. :D

> Generally speaking space characters are a poor choice for randomness.  I 
> recall seeing some documentary about the Enigma machine used by the German 
> military during the 2nd WW.  To minimise attempts to brute force the 
> ciphertext, they started by identifying which letter(s) were most frequently 
> used in the German language - e.g. the letter "e", then the second most 
> frequent letter and so on.  This statistical analysis approach in combination 
> with likely message content reduced the number of guesses.

Here you speak of the payload, not the passphrase, which is the encyption 
key. The key was rotated after each character and the initial key setting (the 
tumbler position) was distributed in secret code books.

> In principle, a repeated space character in your passphrase could help 
> reduce the computational burden of an offline brute force attack, by e.g. 
> helping an attacker to identify the number of individual words in a 
> passphrase.

Due to the rotation, the Enigma encoded each subsequent letter differently, 
even if the same one repeated, which was (one of) the big strengths of the 
Enigma cipher. The flaws were elsewhere, for example that a character could 
never be encrypted onto itself due to the internal wiring and certain 
message parts were always the same, like message headers and greetings.

For LUKS, having spaces in your passphrase (or their frequency) has no 
influence on the ciphertext, since the passphrase itself is not used for 
encryption. The passphrase only unlocks the actual key, which is then used 
for encryption. It comes down to whether the passphrase can easily be 
guessed by dictionary attacks. So if you write normal sentences with 
correctly written words, they might be easy to crack. I don’t expect it 
makes a big difference to the brute force software whether you use spaces or 
not.

-- 
Grüße | Greetings | Salut | Qapla’
Please do not share anything from, with or about me on any social network.

Suicide is the most honest form of self-criticism.

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.

[Wols Lists]

On 20/09/2023 19:05, Frank Steinmetzger wrote:
>> In principle, a repeated space character in your passphrase could help
>> reduce the computational burden of an offline brute force attack, by e.g.
>> helping an attacker to identify the number of individual words in a
>> passphrase.

> Due to the rotation, the Enigma encoded each subsequent letter differently,
> even if the same one repeated, which was (one of) the big strengths of the
> Enigma cipher. The flaws were elsewhere, for example that a character could
> never be encrypted onto itself due to the internal wiring and certain
> message parts were always the same, like message headers and greetings.

And, as always, one of the biggest weaknesses was the operator.

Enigma had three (or in later versions four) rotors. The code book 
specified the INITIAL "settings of the day" for those rotors. What was 
*supposed* to happen was the operator was supposed to select a random 
three/four character string, transmit that string twice, then reset the 
rotors to that string before carrying on. So literally no two messages 
were supposed to have the same settings beyond the first six characters.

Except that a lot of operators re-used the same characters time and time 
again. So if you got a message from an operator you recognised, you 
might well know his "seventh character reset". That saved a lot of grief 
trying to crack which of the several rotors were "the rotors of the day".

And given that, for a large chunk of the war, the radio operators were 
"chatty", you generally got a lot of six-character strings for which you 
had a damn good idea what the plain text was.

So even where some of the operators were seriously crypto-aware and 
careful, once you'd cracked the rotors and initial settings from the 
careless, you could read every message sent by everyone (using those 
settings) that day.

Along with other things like RDF giving subs positions away (although 
I'm not quite sure how much we had good RDF and how much it was a cover 
for us reading their location in status reports), it certainly helped us 
loads hunting them down.

Cheers,
Wol

Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.

[Dale]

Wols Lists wrote:
> On 20/09/2023 19:05, Frank Steinmetzger wrote:
>>> In principle, a repeated space character in your passphrase could help
>>> reduce the computational burden of an offline brute force attack, by
>>> e.g.
>>> helping an attacker to identify the number of individual words in a
>>> passphrase.
>
>> Due to the rotation, the Enigma encoded each subsequent letter
>> differently,
>> even if the same one repeated, which was (one of) the big strengths
>> of the
>> Enigma cipher. The flaws were elsewhere, for example that a character
>> could
>> never be encrypted onto itself due to the internal wiring and certain
>> message parts were always the same, like message headers and greetings.
>
> And, as always, one of the biggest weaknesses was the operator.
>
> Enigma had three (or in later versions four) rotors. The code book
> specified the INITIAL "settings of the day" for those rotors. What was
> *supposed* to happen was the operator was supposed to select a random
> three/four character string, transmit that string twice, then reset
> the rotors to that string before carrying on. So literally no two
> messages were supposed to have the same settings beyond the first six
> characters.
>
> Except that a lot of operators re-used the same characters time and
> time again. So if you got a message from an operator you recognised,
> you might well know his "seventh character reset". That saved a lot of
> grief trying to crack which of the several rotors were "the rotors of
> the day".
>
> And given that, for a large chunk of the war, the radio operators were
> "chatty", you generally got a lot of six-character strings for which
> you had a damn good idea what the plain text was.
>
> So even where some of the operators were seriously crypto-aware and
> careful, once you'd cracked the rotors and initial settings from the
> careless, you could read every message sent by everyone (using those
> settings) that day.
>
> Along with other things like RDF giving subs positions away (although
> I'm not quite sure how much we had good RDF and how much it was a
> cover for us reading their location in status reports), it certainly
> helped us loads hunting them down.
>
> Cheers,
> Wol
>
>

Another question.  Are people trying to work on better encryption given
current encryption can be cracked?  I read some things changed after
Snowden.  I'm just not sure what and if more changes are needed even
today. 

If you wanted the most secure and hard to crack encryption, what would
you use?  How does one tell cryptsetup to use it?  I have several
encryption options here but no idea what is the best or even just good. 

I'm making pepper sauce today.  I hope this typing is OK.  The air has a
spicy warmth to it.  o_O

Dale

:-)  :-) 

Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.

[Wol]

On 23/09/2023 14:35, Dale wrote:
> Another question.  Are people trying to work on better encryption given 
> current encryption can be cracked?  I read some things changed after 
> Snowden.  I'm just not sure what and if more changes are needed even 
> today.

> If you wanted the most secure and hard to crack encryption, what 
> would you use?  How does one tell cryptsetup to use it?  I have several 
> encryption options here but no idea what is the best or even just good.

If you want encryption that can't be cracked, go for RSA. It's uncrackable.

Now you might be wondering why I say that, given that is a simple, 
well-known attack, but it's true. You can trick me into encoding as much 
plain text as you like, where you can intercept the cipher text, and you 
will not be able to crack the cipher itself. What you need to do is get 
hold of ONE of my key-pairs. The public one of course is usually freely 
available, and if you get hold of the private one it's game over.

You can then mathematically solve "the puzzle of the keys" from my 
public pair and recover the private key. This is why RSA keys keep 
getting bigger - it takes more and more brute force to solve.

I don't know enough about ECC - do you crack it or solve it?

Both these ciphers however have a massive weakness - make a mistake 
setting them up and the solution becomes easy. RSA relies on multiplying 
two huge primes together. Dunno what ECC relies on. If one of your RSA 
primes is not, in fact, prime then factoring the huge product becomes 
easy, and recovering all the keys built from it is simple.

ECC specifies various parameters, and the official standard ECC 
parameters were discovered to contain a flaw. Was that an intentional 
back door? It's thought it was an accident.

But I think cryptographers have abandoned crackable ciphers now - if 
it's crackable then it's easily crackable. And all other ciphers simply 
rely on the asymmetric effort taken to create a key or solve a key.

Cheers,
Wol

Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.

[Dale]

Wol wrote:
> On 23/09/2023 14:35, Dale wrote:
>> Another question.  Are people trying to work on better encryption
>> given current encryption can be cracked?  I read some things changed
>> after Snowden.  I'm just not sure what and if more changes are needed
>> even today.
>
>> If you wanted the most secure and hard to crack encryption, what
>> would you use?  How does one tell cryptsetup to use it?  I have
>> several encryption options here but no idea what is the best or even
>> just good.
>
> If you want encryption that can't be cracked, go for RSA. It's
> uncrackable.
>
> Now you might be wondering why I say that, given that is a simple,
> well-known attack, but it's true. You can trick me into encoding as
> much plain text as you like, where you can intercept the cipher text,
> and you will not be able to crack the cipher itself. What you need to
> do is get hold of ONE of my key-pairs. The public one of course is
> usually freely available, and if you get hold of the private one it's
> game over.
>
> You can then mathematically solve "the puzzle of the keys" from my
> public pair and recover the private key. This is why RSA keys keep
> getting bigger - it takes more and more brute force to solve.
>
> I don't know enough about ECC - do you crack it or solve it?
>
> Both these ciphers however have a massive weakness - make a mistake
> setting them up and the solution becomes easy. RSA relies on
> multiplying two huge primes together. Dunno what ECC relies on. If one
> of your RSA primes is not, in fact, prime then factoring the huge
> product becomes easy, and recovering all the keys built from it is
> simple.
>
> ECC specifies various parameters, and the official standard ECC
> parameters were discovered to contain a flaw. Was that an intentional
> back door? It's thought it was an accident.
>
> But I think cryptographers have abandoned crackable ciphers now - if
> it's crackable then it's easily crackable. And all other ciphers
> simply rely on the asymmetric effort taken to create a key or solve a
> key.
>
> Cheers,
> Wol
>
>


When I run cryptsetup to encrypt my drives, I have no idea what it is
using.  I assumed the defaults would be the most secure.  This is the
luksDump info, some may be changed or snipped, not sure if it is
something I should make public.  ;-) 


root@fireball / # cryptsetup luksDump /dev/sdo1
LUKS header information
Version:        2
Epoch:          3
Metadata area:  16384 [bytes]
Keyslots area:  16744448 [bytes]
UUID:           967257e5-ccc8-48ab-8f46-c6b05dc3bf37
Label:          (no label)
Subsystem:      (no subsystem)
Flags:          (no flags)

Data segments:
  0: crypt
        offset: 16777216 [bytes]
        length: (whole device)
        cipher: aes-xts-plain64
        sector: 4096 [bytes]

<<<< SNIP >>>>
Digests:
  0: pbkdf2
        Hash:       sha256
        Iterations: 83062
        Salt:       20 d5 f5 3b 51 43 31 29 8a b0 31 dc ad 56 0c 15
                    50 18 aa f8 df a0 4e 9e 8e e1 b2 bb f1 04 67 01
        Digest:     96 18 90 9e 89 7a 16 71 72 d0 97 ec 84 e1 b5 38
                    fc cb ea 97 93 29 19 4c 83 a6 fb 4e e9 ba 79 7b
root@fireball / #


I'm not to clear on this but it looks like it is using 'aes-xts-plain64'
to me.  If so, is that good enough?  Is there better? 

While I'm mostly worried about someone maybe stealing my rig, I also
don't want someone with some skills getting in there either.  Some
crooks may know someone.  ;-)

Dale

:-)  :-) 

Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.

[Rich Freeman]

On Sat, Sep 23, 2023 at 11:05 AM Dale <rdalek1967@gmail.com> wrote:
>
> I'm not to clear on this but it looks like it is using 'aes-xts-plain64'
> to me.  If so, is that good enough?  Is there better?

You are using the defaults, which is what you should be using, as
they're very secure.  As far as I'm aware there is no known attack on
AES that is faster than a brute force attack, and a brute-force attack
on AES itself is not practical.  I think it is unlikely that anybody
knows of an attack on the cipher, but of course that cannot be ruled
out.  Current estimates of the time required to brute-force AES are in
the billions of years.

If somebody wanted to decrypt the drive without your knowledge, the
only practical attacks would be to evesdrop on you somehow to capture
your passphrase, or to brute force your passphrase.  LUKS is designed
to make a brute-force attack on a passphrase impractical as long as it
is reasonably long.  On typical hardware it should take a full second
or two to make one decryption attempt on the passphrase - obviously an
attacker could have more sophisticated hardware available but to even
be able to attempt tens of thousands of guesses per second would
require a very large expense, and your passphrase should be long
enough to make that search very long.

The most likely attack would be evesdropping.  Stopping that requires
good physical security, and also keeping any malware out of your
bootloader.  Unfortunately, the latter is generally not something
linux distros do much to prevent.  Corporate laptops running windows
are typically set up to protect against this using a TPM and secure
boot.  I'm not sure if any linux distros support a fully signed boot
processes up to disk decryption - doing that on Gentoo would be tricky
since the OS is being modified so often.  A release-based distro could
do it a bit more easily - just stick the essential bits in a squashfs
and sign everything up to that point, and use secure boot.

Then of course if an attacker didn't mind you knowing about their
intrusion, they could use the rubber hose method.  The only way to
defeat that sort of thing is to have some trusted external agent
involved in the process who could revoke your own access to your
device (think TPM and remote attestation to secure the boot chain plus
online authentication required for the device to obtain the session
key - though at that point you'd probably also just run a thin client
and keep the bulk of the data someplace more secure).

-- 
Rich

Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.

[hitachi303]

Am 19.09.23 um 07:36 schrieb Dale:
> Maybe even a example or two of a fake password, just something that you 
> would come up with and how.


There was this TV series Sherlock. In one episode they communicated by 
numbers where each number referred to a word in a book. This was 
somewhat also used in a movie with Nicolas Cage where he is treasure 
hunting.

For the passwords which matter this seems to be a quit good way. As long 
as nobody guesses your book you can write down your passwords and look 
them up if needed. Like 239/4 which would tell you to open page 239 and 
use word 4. Or 239/4/3 -> page 239 line 4 word 3.
Then you start to make it difficult so that you don't just use words. 
Like start with the first letter of the word than go backwards and use 
every second letter until you habe 8 letters. Mix in a number for every 
third position.
You can change the rule as you like. Keep it always the same and you can 
look your password up every time. In German there are quit a lot of 
capital letters so just take them.
You can be creative as wild. Take a poem in middle age German and take 
only the first an last letter from every line. Every third number from 
pi. Since there is no pattern in pi this should be safe.

Something like that.

Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.

[Dale]

hitachi303 wrote:
> Am 19.09.23 um 07:36 schrieb Dale:
>> Maybe even a example or two of a fake password, just something that
>> you would come up with and how.
>
>
> There was this TV series Sherlock. In one episode they communicated by
> numbers where each number referred to a word in a book. This was
> somewhat also used in a movie with Nicolas Cage where he is treasure
> hunting.
>
> For the passwords which matter this seems to be a quit good way. As
> long as nobody guesses your book you can write down your passwords and
> look them up if needed. Like 239/4 which would tell you to open page
> 239 and use word 4. Or 239/4/3 -> page 239 line 4 word 3.
> Then you start to make it difficult so that you don't just use words.
> Like start with the first letter of the word than go backwards and use
> every second letter until you habe 8 letters. Mix in a number for
> every third position.
> You can change the rule as you like. Keep it always the same and you
> can look your password up every time. In German there are quit a lot
> of capital letters so just take them.
> You can be creative as wild. Take a poem in middle age German and take
> only the first an last letter from every line. Every third number from
> pi. Since there is no pattern in pi this should be safe.
>
> Something like that.
>
>


I like the Sherlock stuff.  Everything from the black and white
versions, 1950's, to the TV series Elementary which is more recent. 
That is a idea but I currently come up with them from things I have or
weird things I won't forget.  Models of vehicles or some other thing I
have and will have for a long time.  Some are a little short but those
password sites say they are good strong passwords. 

That's a interesting way to come up with passwords tho.  I've seen that
is a few whodunit type shows.  Way back in the old days, they had some
interesting ways of coding messages.  Passwords are sort of similar. 

I'll have to give that some thought.  It's not how I usually do it but
it is interesting. 

Thanks.

Dale

:-)  :-) 

Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.

[Wols Lists]

On 19/09/2023 10:13, Dale wrote:
> That's a interesting way to come up with passwords tho.  I've seen that
> is a few whodunit type shows.  Way back in the old days, they had some
> interesting ways of coding messages.  Passwords are sort of similar.

Back when we were busy conquering India ...

The story goes of a General trying to send a message back of his latest 
conquest, but he didn't want to use codes because he had a suspicion the 
Indians could read them if his messenger was captured.

It appears the story is apocryphal, but the message he sent read "peccavi".

https://www.ft.com/content/49036e66-ac48-11e8-94bd-cba20d67390c

Cheers,
Wol

Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.

[Dale]

Wols Lists wrote:
> On 19/09/2023 10:13, Dale wrote:
>> That's a interesting way to come up with passwords tho.  I've seen that
>> is a few whodunit type shows.  Way back in the old days, they had some
>> interesting ways of coding messages.  Passwords are sort of similar.
>
> Back when we were busy conquering India ...
>
> The story goes of a General trying to send a message back of his
> latest conquest, but he didn't want to use codes because he had a
> suspicion the Indians could read them if his messenger was captured.
>
> It appears the story is apocryphal, but the message he sent read
> "peccavi".
>
> https://www.ft.com/content/49036e66-ac48-11e8-94bd-cba20d67390c
>
> Cheers,
> Wol
>
>


It seems that requires a subscription.  Oh well. 

Dale

:-)  :-) 

Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.

[Håkon Alstadheim]

Den 23.09.2023 15:42, skrev Dale:
> Wols Lists wrote:
>> On 19/09/2023 10:13, Dale wrote:
>>> That's a interesting way to come up with passwords tho.  I've seen that
>>> is a few whodunit type shows.  Way back in the old days, they had some
>>> interesting ways of coding messages.  Passwords are sort of similar.
>> Back when we were busy conquering India ...
>>
>> The story goes of a General trying to send a message back of his
>> latest conquest, but he didn't want to use codes because he had a
>> suspicion the Indians could read them if his messenger was captured.
>>
>> It appears the story is apocryphal, but the message he sent read
>> "peccavi".
>>
>> https://www.ft.com/content/49036e66-ac48-11e8-94bd-cba20d67390c
>>
>> Cheers,
>> Wol
>>
>>
>
> It seems that requires a subscription.  Oh well.
Try 
https://www.euronews.com/culture/2023/02/17/culture-re-view-peccavi-a-misattributed-quote-and-the-british-raj
Probably ripped off from FT, but I was  curious :-) .

Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.

[Jude DaShiell]

another possibility is use of a dictionary.  Find a word in dictionary
note page column and line.  Divide pages in dictionary by 2 and either add
or subtract that number of pages to or from page word is found on then on
the new page find the column and line for your actual password.  Of
course, you write the first word you looked up down as your password and
not the second word you just found you use for your real password.


-- Jude <jdashiel at panix dot com> "There are four boxes to be used in
defense of liberty: soap, ballot, jury, and ammo. Please use in that
order." Ed Howdershelt 1940.

On Tue, 19 Sep 2023, hitachi303 wrote:

> Am 19.09.23 um 07:36 schrieb Dale:
> > Maybe even a example or two of a fake password, just something that you
> > would come up with and how.
>
>
> There was this TV series Sherlock. In one episode they communicated by numbers
> where each number referred to a word in a book. This was somewhat also used in
> a movie with Nicolas Cage where he is treasure hunting.
>
> For the passwords which matter this seems to be a quit good way. As long as
> nobody guesses your book you can write down your passwords and look them up if
> needed. Like 239/4 which would tell you to open page 239 and use word 4. Or
> 239/4/3 -> page 239 line 4 word 3.
> Then you start to make it difficult so that you don't just use words. Like
> start with the first letter of the word than go backwards and use every second
> letter until you habe 8 letters. Mix in a number for every third position.
> You can change the rule as you like. Keep it always the same and you can look
> your password up every time. In German there are quit a lot of capital letters
> so just take them.
> You can be creative as wild. Take a poem in middle age German and take only
> the first an last letter from every line. Every third number from pi. Since
> there is no pattern in pi this should be safe.
>
> Something like that.
>
>

Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.

[Dale]

Jude DaShiell wrote:
> another possibility is use of a dictionary.  Find a word in dictionary
> note page column and line.  Divide pages in dictionary by 2 and either add
> or subtract that number of pages to or from page word is found on then on
> the new page find the column and line for your actual password.  Of
> course, you write the first word you looked up down as your password and
> not the second word you just found you use for your real password.
>
>
> -- Jude <jdashiel at panix dot com> "There are four boxes to be used in
> defense of liberty: soap, ballot, jury, and ammo. Please use in that
> order." Ed Howdershelt 1940.
>
>


I think I've seen that used for messages ages ago.  It's a way of
sending info that without knowing how to decode it and the same version
of dictionary, you have no idea what it says.  Just don't lose the book
you use. 

The responses I'm getting sure are interesting.  Some I've seen but
never thought of using myself.  After all, it was a TV show, sometimes a
history documentary or something.  Reading about it here, it makes sense. 

Oh, like the signature too.  ;-)

Dale

:-)  :-) 

Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.

[Hoël Bézier]

[-- Attachment #1: Type: text/plain, Size: 1126 bytes --]

Am Tue, Sep 19, 2023 at 12:36:13AM -0500 schrieb Dale:
>In the real world tho, how do people reading this make passwords that no
>one could ever guess?  I use Bitwarden to handle website passwords and
>it does a good job.  I make up my own tho when encrypting drives.  I'm
>not sure I can really use Bitwarden for that given it is a command line
>thing, well, in a script in my case.  I doubt anyone would ever guess
>any of my passwords but how do people reading this do theirs?  Just how
>far do you really go to make it secure?  Obviously you shouldn't give up
>much detail but just some general ideas.  Maybe even a example or two of
>a fake password, just something that you would come up with and how. 

For storing passwords, I use app-admin/pass.

For choosing passphrases, I write sentences. I know having space character at a 
predictable frequence in the passphrase makes it easier to find out, but using 
phrases makes it easier to come up with very long passphrases (which, I 
believe, balances the space thing, though I’m no crypto expert), which are also 
easy to remember.

Hoël

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.

[Jack]

On 9/20/23 12:18, Hoël Bézier wrote:

> Am Tue, Sep 19, 2023 at 12:36:13AM -0500 schrieb Dale:
>> In the real world tho, how do people reading this make passwords that no
>> one could ever guess?  I use Bitwarden to handle website passwords and
>> it does a good job.  I make up my own tho when encrypting drives.  I'm
>> not sure I can really use Bitwarden for that given it is a command line
>> thing, well, in a script in my case.  I doubt anyone would ever guess
>> any of my passwords but how do people reading this do theirs? Just how
>> far do you really go to make it secure?  Obviously you shouldn't give up
>> much detail but just some general ideas.  Maybe even a example or two of
>> a fake password, just something that you would come up with and how.
>
> For storing passwords, I use app-admin/pass.
>
> For choosing passphrases, I write sentences. I know having space 
> character at a predictable frequence in the passphrase makes it easier 
> to find out, but using phrases makes it easier to come up with very 
> long passphrases (which, I believe, balances the space thing, though 
> I’m no crypto expert), which are also easy to remember.
I don't think anyone has yet mentioned using the first (or last or 
second) letter of each word in the first (or last) sentence of a 
favorite book or poem or song, possibly modifying with some upper case 
and sprinkling in digits and special characters.

Re: [gentoo-user] Password questions, looking for opinions. cryptsetup question too.

[Jude DaShiell]

Another possibility is to write down encrypted passwords and don't
disclose encryption technique.  The rot13 is worthless.


-- Jude <jdashiel at panix dot com> "There are four boxes to be used in
defense of liberty: soap, ballot, jury, and ammo. Please use in that
order." Ed Howdershelt 1940.

On Wed, 20 Sep 2023, Hoël Bézier wrote:

> Am Tue, Sep 19, 2023 at 12:36:13AM -0500 schrieb Dale:
> >In the real world tho, how do people reading this make passwords that no
> >one could ever guess?  I use Bitwarden to handle website passwords and
> >it does a good job.  I make up my own tho when encrypting drives.  I'm
> >not sure I can really use Bitwarden for that given it is a command line
> >thing, well, in a script in my case.  I doubt anyone would ever guess
> >any of my passwords but how do people reading this do theirs?  Just how
> >far do you really go to make it secure?  Obviously you shouldn't give up
> >much detail but just some general ideas.  Maybe even a example or two of
> >a fake password, just something that you would come up with and how. 
>
> For storing passwords, I use app-admin/pass.
>
> For choosing passphrases, I write sentences. I know having space character at
> a predictable frequence in the passphrase makes it easier to find out, but
> using phrases makes it easier to come up with very long passphrases (which, I
> believe, balances the space thing, though I’m no crypto expert), which are
> also easy to remember.
>
> Hoël
>
>

[gentoo-user] Re: Password questions, looking for opinions. cryptsetup question too.

[Nikos Chantziaras]

On 19/09/2023 08:36, Dale wrote:
> In the real world tho, how do people reading this make passwords that no 
> one could ever guess?
I use nonsensical phrases that also contain symbols instead of words. 
For example "all stars and cats for pies":

   all*s&cats4pies

I can memorize those.