Re: [gentoo-user] loop-aes + extra-ciphers...
On Wednesday, 25 June 2008, ext Chris Walters wrote:

> Also, someone said that it was possible to encrypt using multiple passphrases using dm-crypt.

That was me. To be correct: I wrote that with LUKS (which is based on dm-crypt) it is possible to use multiple keys (a key may be a passphrase or a keyfile on disk). LUKS does this by reserving the first block of an encrypted volume for meta data. Again: see http://luks.endorphin.org for the details.

Bye...

Dirk

--
Dirk Heinrichs | Tel: +49 (0)162 234 3408
Configuration Manager | Fax: +49 (0)211 47068 111
Capgemini Deutschland | Mail: [EMAIL PROTECTED]
Wanheimerstraße 68 | Web: http://www.capgemini.com
D-40468 Düsseldorf | ICQ#: 110037733
GPG Public Key C2E467BB | Keyserver: wwwkeys.pgp.net

signature.asc Description: This is a digitally signed message part.
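What "reserving the first block of the volume for meta data" looks like on disk, as an added example (this is not code from the thread, from cryptsetup or from the LUKS site): a LUKS1 volume starts with a 592-byte header followed by the key-slot material, and the header carries eight key slots, each wrapping the same master key under a different passphrase or keyfile. The header bytes are constructed by build_header() so the script runs offline; the slot offsets, iteration counts, digests and salts in it are placeholders. Feed parse_luks1_header() the first 592 bytes of a real device to inspect a live volume. LUKS2 uses a different, JSON-based header that this parser does not handle.

```python
"""Parse a LUKS1 on-disk header and list its key slots (added example)."""
import struct
import uuid as uuidlib

LUKS_MAGIC = b"LUKS\xba\xbe"
LUKS_KEY_ENABLED = 0x00AC71F3   # slot marker: slot holds a wrapped master key
LUKS_KEY_DISABLED = 0x0000DEAD  # slot marker: slot is empty
LUKS_NUMKEYS = 8

# phdr fields (all integers big-endian), followed by 8 key slots of 48 bytes each
PHDR_FMT = ">6sH32s32s32sII20s32sI40s"   # 208 bytes
SLOT_FMT = ">II32sII"                    # active, iterations, salt, key-material offset, stripes
PHDR_SIZE = struct.calcsize(PHDR_FMT) + LUKS_NUMKEYS * struct.calcsize(SLOT_FMT)  # 592


def _cstr(raw):
    """NUL-padded ASCII field -> str."""
    return raw.split(b"\0", 1)[0].decode("ascii")


def parse_luks1_header(data):
    """Return a dict describing the header; raise ValueError if it is not LUKS1."""
    if len(data) < PHDR_SIZE:
        raise ValueError("need %d bytes, got %d" % (PHDR_SIZE, len(data)))
    (magic, version, cipher, mode, hashspec, payload_off, key_bytes,
     _mk_digest, _mk_salt, mk_iter, uuid_raw) = struct.unpack_from(PHDR_FMT, data, 0)
    if magic != LUKS_MAGIC:
        raise ValueError("not a LUKS header (bad magic)")
    if version != 1:
        raise ValueError("LUKS version %d is not handled by this parser" % version)

    slots = []
    off = struct.calcsize(PHDR_FMT)
    for i in range(LUKS_NUMKEYS):
        active, iters, _salt, km_off, stripes = struct.unpack_from(SLOT_FMT, data, off)
        off += struct.calcsize(SLOT_FMT)
        if active == LUKS_KEY_ENABLED:
            state = "active"
        elif active == LUKS_KEY_DISABLED:
            state = "disabled"
        else:
            state = "invalid"   # any other marker means a corrupted slot
        slots.append({"slot": i, "state": state, "iterations": iters,
                      "key_material_offset": km_off, "stripes": stripes})

    return {
        "version": version,
        "cipher": _cstr(cipher),
        "mode": _cstr(mode),
        "hash": _cstr(hashspec),
        "payload_offset_sectors": payload_off,   # where the encrypted data begins
        "key_bytes": key_bytes,
        "mk_digest_iterations": mk_iter,
        "uuid": _cstr(uuid_raw),
        "active_slots": [s["slot"] for s in slots if s["state"] == "active"],
        "slots": slots,
    }


def build_header(active_slots, payload_offset=4096, key_bytes=32):
    """CONSTRUCTED demo header: realistic field layout, placeholder digests/salts/offsets."""
    phdr = struct.pack(PHDR_FMT, LUKS_MAGIC, 1, b"aes", b"cbc-essiv:sha256", b"sha1",
                       payload_offset, key_bytes, b"\x11" * 20, b"\x22" * 32, 10000,
                       str(uuidlib.UUID(int=0x1234)).encode("ascii"))
    slots = b""
    for i in range(LUKS_NUMKEYS):
        km_off = 8 + i * 256          # placeholder key-material offsets (in sectors)
        if i in active_slots:
            slots += struct.pack(SLOT_FMT, LUKS_KEY_ENABLED, 150000, bytes([i]) * 32, km_off, 4000)
        else:
            slots += struct.pack(SLOT_FMT, LUKS_KEY_DISABLED, 0, b"\0" * 32, km_off, 4000)
    return phdr + slots


if __name__ == "__main__":
    info = parse_luks1_header(build_header({0, 3}))
    print("LUKS%d %s-%s hash=%s key=%d bytes payload@sector %d" % (
        info["version"], info["cipher"], info["mode"], info["hash"],
        info["key_bytes"], info["payload_offset_sectors"]))
    for s in info["slots"]:
        print("slot %d: %-8s iterations=%d" % (s["slot"], s["state"], s["iterations"]))
```

The slot marker is what `cryptsetup luksDump` reports as ENABLED/DISABLED; a header with no active slot is unopenable no matter what passphrase you hold, which is why backing up the header (not just the data) matters before running luksKillSlot.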
Re: [gentoo-user] loop-aes + extra-ciphers...
On Tue, 24 Jun 2008 22:20:20 -0400 Chris Walters [EMAIL PROTECTED] wrote:

> Thanks to all who replied to my previous question. This question is related.
>
> Has anyone gotten the 'extra-ciphers' (you can get them from the loop-aes site) to compile with the loop-aes kernel patch in place? If so, could you give me a hint on how to do this?

Perhaps they appear as kernel modules? I'm just guessing.

> Also, someone said that it was possible to encrypt using multiple passphrases using dm-crypt. To be clear are we talking about the same type of multiple passphrases that can be used with AES and Serpent with loop-aes?

Yes, you can have multiple passwords with dm-crypt-luks.

> In other words, you set up a number of passphrases (64 or 65), and the first block uses the first passphrase, the second block uses the second one, etc. The 65th passphrase is added to the hash of the encryption passphrase.

Never bothered to go so deep in the internals, but...

I had a business laptop with non-sensitive (in my opinion) data, but the managers were quite paranoid about that, so I had to encrypt the drives to save myself the administrative trouble in case it was stolen. I followed the gentoo-wiki how-to [1] and found out that encrypting the hdd visibly slowed down the system.

Rumor has it that the three-letter agencies (CIA, KGB, M.A.V.O. [2], etc) can break those algorithms relatively easily. On the other hand even weaker algorithms can protect your data against laptop thieves.

What I'm saying is that it is pointless to get very crazy about strong and heavy algorithms. After all if your enemies are not after your hardware, but after your data, they could always physically force you to reveal the password.

> Also (as if that weren't enough), is it possible to encrypt the passphrases or keys in dm-crypt with gnupg, like it is with loop-aes? If so, please give examples.

Yes, you could do something like:

    # 64 random bytes, stored symmetrically encrypted (ASCII-armored) in key.gpg
    head -c 64 /dev/urandom | gpg --symmetric --armor --output key.gpg
    # format the volume with the decrypted key fed on stdin;
    # --batch-mode skips the interactive "Are you sure?" confirmation
    gpg --decrypt key.gpg | cryptsetup --batch-mode luksFormat --key-file=- /dev/some-block-device
    # open it the same way; "some-name" is a placeholder and becomes /dev/mapper/some-name
    gpg --decrypt key.gpg | cryptsetup luksOpen --key-file=- /dev/some-block-device some-name

(The above commands are not correct, their sole purpose is to show the idea)

[1] System Encryption DM-Crypt with LUKS: http://tinyurl.com/clrk6

[2] M.A.V.O.: http://tinyurl.com/4badqs ; http://tinyurl.com/4chhph :D

--
Best regards,
Daniel

--
gentoo-user@lists.gentoo.org mailing list
Re: [gentoo-user] loop-aes + extra-ciphers...
Daniel Iliev wrote:
| On Tue, 24 Jun 2008 22:20:20 -0400
| Chris Walters [EMAIL PROTECTED] wrote:

[snip]

| Perhaps they appear as kernel modules? I'm just guessing.

I think that is how they are supposed to appear, but I can't seem to get them to compile, and the instructions are not too helpful.

[snip]

| Yes, you can have multiple passwords with dm-crypt-luks.

That is good.

[snip]

| Never bothered to go so deep in the internals, but...
|
| I had a business laptop with non-sensitive (in my opinion) data, but
| the managers were quite paranoid about that, so I had to encrypt the
| drives to save myself the administrative trouble in case it was stolen.
| I followed the gentoo-wiki how-to [1] and found out that encrypting the
| hdd visibly slowed down the system.
|
| Rumor has it that the three-letter agencies (CIA, KGB, M.A.V.O. [2],
| etc) can break those algorithms relatively easily. On the other hand even
| weaker algorithms can protect your data against laptop thieves.

That's more than a rumor. Another three letter agency (NSA) has networks of supercomputers that can brute force a passphrase in little time. I am majoring in mathematics, and plan to specialize in cryptology. I doubt they'd let me publish an algorithm that is very hard to break...

It is not that I'm terribly paranoid about people getting my data, I just want to make it a little harder. Of course, it is always possible to insert code that will send the unencrypted data, once you've logged on - not easy for the casual user, but for the guru, an easy thing.

| What I'm saying is that it is pointless to get very crazy about strong
| and heavy algorithms. After all if your enemies are not after your
| hardware, but after your data, they could always physically force you
| to reveal the password.

Yes, I suppose that they could do that, using torture or something like that.

[snip]

| Yes, you could do something like:
|
| head /dev/urandom | gpg --symmetric -a key.gpg
| gpg --decrypt key.gpg | cryptsetup luksFormat /dev/some-block-device
| gpg --decrypt key.gpg | cryptsetup luksOpen /dev/some-block-device
|
| (The above commands are not correct, their sole purpose is to show the
| idea)

Thanks for the ideas, and for the links. I will be checking them out.

| [1] System Encryption DM-Crypt with LUKS: http://tinyurl.com/clrk6
|
| [2] M.A.V.O.: http://tinyurl.com/4badqs ; http://tinyurl.com/4chhph :D

Regards,
Chris
Re: [gentoo-user] loop-aes + extra-ciphers...
On Wednesday, 25 June 2008, Chris Walters wrote:

> | Rumor has it that the three-letter agencies (CIA, KGB, M.A.V.O. [2],
> | etc) can break those algorithms relatively easily. On the other hand even
> | weaker algorithms can protect your data against laptop thieves.
>
> That's more than a rumor. Another three letter agency (NSA) has networks of supercomputers that can brute force a passphrase in little time. I am majoring in mathematics, and plan to specialize in cryptology.

If it is so easy for them to crack our ciphers (and the one they use themselves, btw.), why doesn't Kaspersky ask them to crack the key of the GPCode virus which, according to Kaspersky's assumptions, would keep 15 million modern PCs busy for a year.

And, if it is so easy for them, it is as easy for other governments too, right? That would mean they use a cipher that's easily crackable by other governments. Do you really think they do?

Bye...

Dirk
Re: [gentoo-user] loop-aes + extra-ciphers...
Chris Walters [EMAIL PROTECTED] at Wednesday 25 June 2008, 17:14:20

> | Rumor has it that the three-letter agencies (CIA, KGB, M.A.V.O. [2],
> | etc) can break those algorithms relatively easily. On the other hand even
> | weaker algorithms can protect your data against laptop thieves.

You had better use the acronym FUD instead of the word rumor. US government itself has declared Rijndael 256 sufficient for classified information up to top secret. This level of security is shared among all AES finalists like RC6 or Serpent.

> That's more than a rumor. Another three letter agency (NSA) has networks of supercomputers that can brute force a passphrase in little time.

Bruteforcing a _passphrase_ is not the same as bruteforcing a key. And both of these have nothing to do with the algorithm itself. They are side-attacks ... a weak passphrase is user idiocy, not a cipher weakness.

> It is not that I'm terribly paranoid about people getting my data, I just want to make it a little harder.

What's the point in making the impossible even harder?

> Of course, it is always possible to insert code that will send the unencrypted data, once you've logged on - not easy for the casual user, but for the guru, an easy thing.

That's operating system security and has nothing to do with cryptology. Someone having only your hard disk can't inject a rootkit into the system.

--
Freedom is always the freedom of dissenters. (Rosa Luxemburg)
Re: [gentoo-user] loop-aes + extra-ciphers...
On Wednesday 25 June 2008, Dirk Heinrichs wrote:

> If it is so easy for them to crack our ciphers (and the one they use themselves, btw.), why doesn't Kaspersky ask them to crack the key of the GPCode virus which, according to Kaspersky's assumptions, would keep 15 million modern PCs busy for a year.

There's an interesting side possibility to that one. It's entirely plausible that the key used to encrypt all those poor sucker Windows users' files isn't just any old key, but rather a very important public key that matches a private key the bad guys would like to have - like a CA's private key. Maybe cracking that key isn't such a good idea after all.

I think this is a case for hose-pipe decryption.

--
Alan McKinnon
alan dot mckinnon at gmail dot com
Re: [gentoo-user] loop-aes + extra-ciphers...
Sebastian Wiesner wrote:
| Chris Walters [EMAIL PROTECTED] at Wednesday 25 June 2008, 17:14:20
|
| | Rumor has it that the three-letter agencies (CIA, KGB, M.A.V.O. [2],
| | etc) can break those algorithms relatively easily. On the other hand even
| | weaker algorithms can protect your data against laptop thieves.
|
| You had better use the acronym FUD instead of the word rumor. US
| government itself has declared Rijndael 256 sufficient for classified
| information up to top secret. This level of security is shared among all
| AES finalists like RC6 or Serpent.
|
| | That's more than a rumor. Another three letter agency (NSA) has networks
| | of supercomputers that can brute force a passphrase in little time.
|
| Bruteforcing a _passphrase_ is not the same as bruteforcing a key. And both
| of these have nothing to do with the algorithm itself. They are
| side-attacks ... a weak passphrase is user idiocy, not a cipher
| weakness.
|
| | It is not that I'm terribly paranoid about people getting my data, I just
| | want to make it a little harder.
|
| What's the point in making the impossible even harder?
|
| | Of course, it is always possible to insert code that will send the
| | unencrypted data, once you've logged on - not easy for the casual user,
| | but for the guru, an easy thing.
|
| That's operating system security and has nothing to do with cryptology.
| Someone having only your hard disk can't inject a rootkit into the system.

Are you a cryptology expert? By the way, nothing is impossible. The only thing that cryptography attempts to do is reduce the **probability** of cracking the key and gaining access to the data as low as possible.

As for brute forcing a passphrase: Since most implementations of AES (Rijndael) use a hash of the passphrase to form the key, it amounts to the same thing, in practice, as cracking the key.

Cryptology is, at least partly, about finding the weakest link, because that is what is likely to be attacked in any cryptosystem. If the weakest link is system security or a weak passphrase, then that weakness translates to a weakness in anything encrypted in such an environment.

The US Government only keeps classified information on non-networked computers in secure environments, so the cipher used does not matter as much as the other security measures taken to ensure that the data does not fall into the wrong hands.

A final thought: It is a fact that both the US Navy and the NSA are *very* interested in cryptology and data security. The NSA also does have large networks of supercomputers that, using parallel, distributed or concurrent computing principles, can crack keys more quickly than you may think.

Regards,
Chris
Re: [gentoo-user] loop-aes + extra-ciphers...
Dirk Heinrichs wrote:
| If it is so easy for them to crack our ciphers (and the one they use
| themselves, btw.), why doesn't Kaspersky ask them to crack the key of the
| GPCode virus which, according to Kaspersky's assumptions, would keep 15
| million modern PCs busy for a year.
|
| And, if it is so easy for them, it is as easy for other governments too,
| right? That would mean they use a cipher that's easily crackable by other
| governments. Do you really think they do?

I didn't say it was easy. All I said is that it is possible, with enough resources, to crack keys. I very much doubt that the NSA would be interested in cracking the key of the GPCode virus, since they are more directed to the National Security of the US.

As for other governments, if they have large networks of supercomputers, and cryptanalysis experts, then it would probably be just as probable that they could crack any key from any publicly used cipher algorithm.

Regards,
Chris
Re: [gentoo-user] loop-aes + extra-ciphers...
On Wednesday 25 June 2008, Chris Walters wrote:

> Dirk Heinrichs wrote:
> | If it is so easy for them to crack our ciphers (and the one they
> | use themselves, btw.), why doesn't Kaspersky ask them to crack the
> | key of the GPCode virus which, according to Kaspersky's
> | assumptions, would keep 15 million modern PCs busy for a year.
> |
> | And, if it is so easy for them, it is as easy for other governments
> | too, right? That would mean they use a cipher that's easily
> | crackable by other governments. Do you really think they do?
>
> I didn't say it was easy. All I said is that it is possible, with enough resources, to crack keys. I very much doubt that the NSA would be interested in cracking the key of the GPCode virus, since they are more directed to the National Security of the US.
>
> As for other governments, if they have large networks of supercomputers, and cryptanalysis experts, then it would probably be just as probable that they could crack any key from any publicly used cipher algorithm.

This is the point where I start to ask for a citation and stop listening to theoretical possibilities and things that might possibly be. Unless of course the exact meaning of phrases like "three hundred thousand million years" has a different meaning in your universe than it does in mine.

--
Alan McKinnon
alan dot mckinnon at gmail dot com
Re: [gentoo-user] loop-aes + extra-ciphers...
Alan McKinnon wrote:
| On Wednesday 25 June 2008, Chris Walters wrote:
| Dirk Heinrichs wrote:
| | If it is so easy for them to crack our ciphers (and the one they
| | use themselves, btw.), why doesn't Kaspersky ask them to crack the
| | key of the GPCode virus which, according to Kaspersky's
| | assumptions, would keep 15 million modern PCs busy for a year.
| |
| | And, if it is so easy for them, it is as easy for other governments
| | too, right? That would mean they use a cipher that's easily
| | crackable by other governments. Do you really think they do?
|
| I didn't say it was easy. All I said is that it is possible, with
| enough resources, to crack keys. I very much doubt that the NSA
| would be interested in cracking the key of the GPCode virus, since
| they are more directed to the National Security of the US.
|
| As for other governments, if they have large networks of
| supercomputers, and cryptanalysis experts, then it would probably be
| just as probable that they could crack any key from any publicly used
| cipher algorithm.
|
| This is the point where I start to ask for a citation and stop listening
| to theoretical possibilities and things that might possibly be.
| Unless of course the exact meaning of phrases like "three hundred
| thousand million years" has a different meaning in your universe than
| it does in mine.

Whom are you asking for a citation from? For which particular facts? Do you really doubt that the US NSA has a *lot* of supercomputers? Do you really doubt that they have experts in mathematics, cryptology, cryptanalysis, and cryptography experts on staff? Or perhaps you doubt that they can crack any keys at all...

Chris
Re: [gentoo-user] loop-aes + extra-ciphers...
Chris Walters [EMAIL PROTECTED] at Wednesday 25 June 2008, 22:25:18

> Are you a cryptology expert?

Are you then?

> The only thing that cryptography attempts to do is reduce the **probability** of cracking the key and gaining access to the data as low as possible.

No news. That's why cryptology defines security not as being impossible to crack, but as being sufficiently improbable to crack. The only cipher that can't be brute-forced is the OTP, which is considered perfectly secure.

> As for brute forcing a passphrase: Since most implementations of AES (Rijndael) use a hash of the passphrase to form the key, it amounts to the same thing, in practice, as cracking the key.

First of all, you can perform hard disk encryption _without_ a passphrase. You can store keyfiles on smart cards, usb sticks, etc. In this case, you can generate a _truly random_ key.

Using a passphrase is the most insecure approach, but still, with a sufficiently random passphrase, you can gain a level of security that even the NSA will find difficult to come around. The randomness of a 30-char passphrase does of course by far not match the randomness of a 256-bit key, so there is a real chance that it can be guessed by brute force. Still it will take much cpu time, which is not endless, even to the NSA. In such a case, the question is if the data you ciphered is really worth the effort of putting a super computer into work for a long time to try any possible passphrase.

> Cryptology is, at least partly about finding the weakest link, because that is what is likely to be attacked in any cryptosystem.

Of course, absolutely true. Hard disk encryption is by far not perfect, just look at the cold boot attacks that gained public interest recently. But you didn't talk of _cryptosystems_ in your previous posts, you did talk about _algorithms_.

Summarizing, the modern ciphers themselves are secure, as there is mostly no way to crack them save a brute-force attack on the key. On the other hand, cryptosystems built around these algorithms can of course contain weaknesses and holes, like weak passphrases, insecure key storage, etc.

> The US Government only keeps classified information on non-networked computers in secure environments, so the cipher used does not matter as much as the other security measures taken to ensure that the data does not fall into the wrong hands.

Maybe. I do not know which restrictions apply to US classified data, I only know about official statements the US government made towards the security of AES.

> A final thought: It is a fact that both the US Navy and the NSA are *very* interested in cryptology and data security. The NSA also does have large networks of supercomputers that, using parallel, distributed or concurrent computing principles can crack keys more quickly than you may think.

You can use simple mathematics to find out that even the largest super computers, having one peta flop, need millions of years to perform an exhaustive search through AES key space.

Anyway, you may believe what you want to believe, I'm just reflecting what real experts like Bruce Schneier have been telling for years: It's wrong to trust in simple ciphers, but it's equally wrong to believe that anything can be broken.

my 2 cents

--
Freedom is always the freedom of dissenters. (Rosa Luxemburg)
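The "simple mathematics" behind the exchange above, as an added example that is not part of the thread: Chris's point that a passphrase-derived key is only as strong as the passphrase, and Sebastian's point that a 30-character passphrase falls far short of a random 256-bit key while exhaustive search of a 128- or 256-bit key space is out of reach at any plausible rate. The guess rate (10^15 trials per second) and the iteration counts are assumed round numbers for illustration; the entropy figures assume a passphrase drawn uniformly at random, which human-chosen passphrases never reach. The kdf_iterations parameter goes slightly beyond the post: it models the iterated passphrase hash that LUKS applies to each key slot, which slows passphrase guessing but does nothing for a random key.

```python
"""Brute-force cost arithmetic for passphrase-derived vs random keys (added example)."""
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600
PRINTABLE_ASCII = 95   # space through '~'


def passphrase_entropy_bits(length, alphabet_size):
    """Entropy of a passphrase chosen UNIFORMLY at random from alphabet^length.
    This is an upper bound: human-chosen passphrases are far weaker."""
    return length * math.log2(alphabet_size)


def effective_bits(key_bits, passphrase_bits=None):
    """If the key is derived from a passphrase (hash(passphrase) -> key), the
    attacker searches the smaller of the two spaces."""
    if passphrase_bits is None:
        return float(key_bits)
    return min(float(key_bits), passphrase_bits)


def expected_years(bits, ops_per_second, kdf_iterations=1):
    """Expected time to hit the key: half the space on average, each candidate
    costing kdf_iterations hash operations (1 for a raw key trial)."""
    candidates = 2.0 ** bits / 2
    return candidates * kdf_iterations / ops_per_second / SECONDS_PER_YEAR


def comparison(ops_per_second=1e15):
    """Rows of (label, effective bits, expected years) for representative cases.
    ops_per_second is an ASSUMED attacker rate for illustration."""
    cases = [
        ("random 128-bit key", 128, None, 1),
        ("random 256-bit key", 256, None, 1),
        ("30 printable-ASCII chars -> 256-bit key", 256,
         passphrase_entropy_bits(30, PRINTABLE_ASCII), 1),
        ("8 lowercase chars -> 256-bit key, 1 hash/guess", 256,
         passphrase_entropy_bits(8, 26), 1),
        ("8 lowercase chars -> 256-bit key, 100000 hashes/guess", 256,
         passphrase_entropy_bits(8, 26), 100000),
    ]
    rows = []
    for label, key_bits, pbits, iters in cases:
        eff = effective_bits(key_bits, pbits)
        rows.append((label, eff, expected_years(eff, ops_per_second, iters)))
    return rows


if __name__ == "__main__":
    for label, eff, years in comparison():
        print("%-55s %6.1f bits  %.3g years" % (label, eff, years))
```

Two things fall out of the table: raising the guess rate by a factor of a thousand (one supercomputer versus a network of them) moves a 128-bit figure from 10^15 years to 10^12 years, which settles nothing; and key stretching only multiplies the attacker's cost linearly, so it rescues a mediocre passphrase but not a short one.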
Re: [gentoo-user] loop-aes + extra-ciphers...
On Wednesday 25 June 2008, Chris Walters wrote:

> | This is the point where I start to ask for a citation and stop
> | listening to theoretical possibilities and things that might
> | possibly be. Unless of course the exact meaning of phrases
> | like "three hundred thousand million years" has a different meaning
> | in your universe than it does in mine.
>
> Whom are you asking for a citation from?

I'm asking you to back up your totally unsubstantiated assertions that the NSA et al can rapidly crack decent cryptography.

> For which particular facts?

Pick any one you like from your contribution to this thread. My favourite would be this one:

> A final thought: It is a fact that both the US Navy and the NSA are *very* interested in cryptology and data security. The NSA also does have large networks of supercomputers that, using parallel, distributed or concurrent computing principles can crack keys more quickly than you may think.

Now that's a pretty definite statement you made there. So, how quickly do you think I think they can do it? And how quickly can they actually do it?

> Do you really doubt that the US NSA has a *lot* of supercomputers?

Not at all, in fact I would hazard an educated guess that the NSA is the largest consumer of supercomputers in the world, and also that they are very reluctant to advertise the fact. I doubt any of their machines appear on the Top500 list. I say this as a natural deduction from knowing what they are mandated to do and how they would realistically go about doing it.

> Do you really doubt that they have experts in mathematics, cryptology, cryptanalysis, and cryptography experts on staff?

Not at all, I would be stupid indeed to doubt that. As evidence, one only has to look at the vast amount of technical literature the NSA has published on the subject.

> Or perhaps you doubt that they can crack any keys at all...

Don't get smart with me, jackass. Everyone here who knows a bit about cryptography knows that given enough time and resources any key can be cracked.

I asked you to do a perfectly reasonable thing. You are asserting that the NSA can crack keys quickly, much quicker than the average geek thinks they can do it, but you provide no evidence of this other than your own assertion of it. You didn't even give any evidence of why I should consider you a credible and knowledgeable person in the field. Extraordinary assertions require extraordinary evidence and all that.

I see 4 scenarios here:

1. You are perfectly correct and can back it up. In which case I'd like to read the evidence.
2. You are perfectly correct and have the evidence but cannot show it to me due to national security or NDA. That's fine, but do say so.
3. You are presenting your knowledgeable hunch/gut feel/opinion/hearsay evidence as fact. That's also fine, but do say so.
4. You are simply making stuff up in varying degrees.

--
Alan McKinnon
alan dot mckinnon at gmail dot com
Re: [gentoo-user] loop-aes + extra-ciphers...
Alan McKinnon wrote:

> > Or perhaps you doubt that they can crack any keys at all...
>
> Don't get smart with me, jackass.

Fuck off, shitehead. Call me a jackass, when I simply state facts you admitted to? You're a fucking idiot. Welcome to my ignore list.
Re: [gentoo-user] loop-aes + extra-ciphers...
On Wed, Jun 25, 2008 at 9:24 PM, Sebastian Wiesner [EMAIL PROTECTED] wrote:

> Chris Walters [EMAIL PROTECTED] at Wednesday 25 June 2008, 22:25:18
>
> > Are you a cryptology expert?
>
> Are you then?

I doubt that either of you are cryptology experts. I've known a few, and I am a crypto-expert, who has worked for the government of the US.

> > The only thing that cryptography attempts to do is reduce the **probability** of cracking the key and gaining access to the data as low as possible.
>
> No news. That's why cryptology defines security not as being impossible to crack, but as being sufficiently improbable to crack. The only cipher that can't be brute-forced is the OTP, which is considered perfectly secure.

There is no such thing as perfectly secure, but a cipher algorithm that would take *all* the computers on Earth a year or more to crack is pretty secure.

> > As for brute forcing a passphrase: Since most implementations of AES (Rijndael) use a hash of the passphrase to form the key, it amounts to the same thing, in practice, as cracking the key.
>
> First of all, you can perform hard disk encryption _without_ a passphrase. You can store keyfiles on smart cards, usb sticks, etc. In this case, you can generate a _truly random_ key.
>
> Using a passphrase is the most insecure approach, but still, with a sufficiently random passphrase, you can gain a level of security that even the NSA will find difficult to come around. The randomness of a 30-char passphrase does of course by far not match the randomness of a 256-bit key, so there is a real chance that it can be guessed by brute force. Still it will take much cpu time, which is not endless, even to the NSA.

I don't think I can really comment on this, except to say that smart cards and usb thumb drives are the way to go for security. As long as you can keep control of the device.

> In such a case, the question is if the data you ciphered is really worth the effort of putting a super computer into work for a long time to try any possible passphrase.

Mr. Walters' claim is not that they would put a single super-computer to decrypting it, but a network of supercomputers. I truly don't think you have to worry about that occurring, unless you are deemed a danger to US National Security. Even then, AES is very hard to crack. The major weakness is the person who encrypts the data. Under questioning, most will give up their keys.

> > Cryptology is, at least partly about finding the weakest link, because that is what is likely to be attacked in any cryptosystem.
>
> Of course, absolutely true. Hard disk encryption is by far not perfect, just look at the cold boot attacks that gained public interest recently. But you didn't talk of _cryptosystems_ in your previous posts, you did talk about _algorithms_.

By themselves algorithms are relatively useless. It is only the application of those algorithms that makes them useful. In this case, Mr. Walters pointed out how *NOT* to apply cipher algorithms. Some of the ways, anyway.

> Summarizing, the modern ciphers themselves are secure, as there is mostly no way to crack them save a brute-force attack on the key. On the other hand, cryptosystems built around these algorithms can of course contain weaknesses and holes, like weak passphrases, insecure key storage, etc.
>
> > The US Government only keeps classified information on non-networked computers in secure environments, so the cipher used does not matter as much as the other security measures taken to ensure that the data does not fall into the wrong hands.
>
> Maybe. I do not know which restrictions apply to US classified data, I only know about official statements the US government made towards the security of AES.

I can neither confirm nor deny Mr. Walters' statement. I will state that the United States Government does, in fact, use ciphers to communicate with Embassies, Military Camps and Bases abroad, and Naval vessels. That hardly fits Mr. Walters' statement.

> > A final thought: It is a fact that both the US Navy and the NSA are *very* interested in cryptology and data security. The NSA also does have large networks of supercomputers that, using parallel, distributed or concurrent computing principles can crack keys more quickly than you may think.
>
> You can use simple mathematics to find out that even the largest super computers, having one peta flop, need millions of years to perform an exhaustive search through AES key space.
>
> Anyway, you may believe what you want to believe, I'm just reflecting what real experts like Bruce Schneier have been telling for years: It's wrong to trust in simple ciphers, but it's equally wrong to believe that anything can be broken.

It is equally wrong to believe that any cipher is immune to attack, but it is not nearly as easy as Mr. Walters would have you believe.

> my 2 cents

My nickel...

Jase
Re: [gentoo-user] loop-aes + extra-ciphers...
On Wed, Jun 25, 2008 at 9:51 PM, Chris Walters [EMAIL PROTECTED] wrote:

> Alan McKinnon wrote:
>
> > > Or perhaps you doubt that they can crack any keys at all...
> >
> > Don't get smart with me, jackass.
>
> Fuck off, shitehead. Call me a jackass, when I simply state facts you admitted to? You're a fucking idiot. Welcome to my ignore list.

Now that was TOTALLY UNCALLED FOR! All he asked you to do is prove your ludicrous statements about the NSA being able to crack any key in a short amount of time.

Wait for my private mail, Mr. Walters.

Jase
Re: [gentoo-user] loop-aes + extra-ciphers...
Jason Rivard [EMAIL PROTECTED] at Wednesday 25 June 2008, 23:53:23:

> The only thing that cryptography attempts to do is reduce the **probability** of cracking the key and gaining access to the data as low as possible.

No news. That's why cryptology defines security not as being impossible to crack, but as being sufficiently improbable to crack.

>> The only cipher that can't be brute-forced is the OTP, which is considered perfectly secure.
>
> There is no such thing as perfectly secure,

An OTP cannot be broken using brute force, so the term "perfectly secure" fits here, imho, at least a bit ;)

>> In such a case, the question is whether the data you ciphered is really worth the effort of putting a supercomputer to work for a long time to try every possible passphrase.
>
> Mr. Walters' claim is not that they would put a single super-computer to decrypting it, but a network of supercomputers.

Does that difference really matter for ciphers like AES, or at least for brute-force attacks on random 256-bit keys?

> I truly don't think you have to worry about that occurring, unless you are deemed a danger to US National Security. Even then, AES is very hard to crack. The major weakness is the person who encrypts the data. Under questioning, most will give up their keys. Cryptology is, at least partly, about finding the weakest link, because that is what is likely to be attacked in any cryptosystem.

Of course, absolutely true. Hard disk encryption is by far not perfect; just look at the cold boot attacks that gained public interest recently. But you didn't talk of _cryptosystems_ in your previous posts, you talked about _algorithms_.

> By themselves algorithms are relatively useless. It is only the application of those algorithms that makes them useful.

Still, there is a difference between the algorithm as such and a cryptosystem applying this algorithm. Btw, apart from general stuff like weak passphrases, which applies to most cryptosystems, really bad leaks often came from weak algorithms. Consider WEP.

> A final thought: It is a fact that both the US Navy and the NSA are *very* interested in cryptology and data security. The NSA also does have large networks of supercomputers that, using parallel, distributed or concurrent computing principles, can crack keys more quickly than you may think.

You can use simple mathematics to find out that even the largest supercomputers, having one petaflop, need millions of years to perform an exhaustive search through the AES key space. Anyway, you may believe what you want to believe; I'm just reflecting what real experts like Bruce Schneier have been telling for years: it's wrong to trust in simple ciphers, but it's equally wrong to believe that anything can be broken.

> It is equally wrong to believe that any cipher is immune to attack

I don't, and I did not say so; things like the Debian disaster bring you back to reality from dreams ...

--
Freedom is always the freedom of dissenters. (Rosa Luxemburg)
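The "simple mathematics" mentioned in the reply above, worked out as an added example for this thread (this is not code from any of the posters). It turns a key size and an assumed trial rate into an expected search time; the one-petaflop figure and the assumption of one key trial per floating-point operation are the inputs, and both are deliberately generous to the attacker. The arithmetic is general, so it also shows how a 56-bit DES key compares and how many bits a century of such effort could actually sweep.

```python
"""Back-of-the-envelope brute-force estimate for symmetric key sizes.

Added example for this thread, not code from any poster.  It checks the
claim that a one-petaflop machine still needs an absurd number of years to
sweep the AES key space.  Assumption (generous to the attacker): one key
trial per floating-point operation, i.e. 1e15 trials per second; a real
AES trial costs hundreds of operations, so true figures are worse.
"""
import math
from fractions import Fraction

SECONDS_PER_YEAR = 365 * 24 * 60 * 60
PETAFLOP_TRIALS_PER_SECOND = 10 ** 15  # assumed attacker throughput


def expected_trials(key_bits: int) -> int:
    """Expected number of trials: half the key space, on average."""
    return 2 ** (key_bits - 1)


def years_to_search(key_bits: int,
                    trials_per_second: int = PETAFLOP_TRIALS_PER_SECOND) -> Fraction:
    """Expected wall-clock years for an exhaustive search, as an exact fraction."""
    return Fraction(expected_trials(key_bits),
                    trials_per_second * SECONDS_PER_YEAR)


def bits_searchable(trials_per_second: int, years: int) -> int:
    """Largest key size (in bits) that this budget can sweep completely in
    the given time.  Key sizes comfortably above this number are out of
    reach of brute force, whatever the algorithm's other properties."""
    total_trials = trials_per_second * years * SECONDS_PER_YEAR
    return int(math.log2(total_trials))


def summary(trials_per_second: int = PETAFLOP_TRIALS_PER_SECOND) -> dict:
    """Expected years per key size, as floats for readability."""
    return {bits: float(years_to_search(bits, trials_per_second))
            for bits in (56, 128, 256)}


if __name__ == "__main__":
    for bits, years in summary().items():
        print(f"{bits:3d}-bit key: ~{years:.3g} years at 1e15 trials/s")
    # a 56-bit DES key falls in about 36 seconds, AES-128 needs ~5e15 years
    print("bits sweepable in a century:",
          bits_searchable(PETAFLOP_TRIALS_PER_SECOND, 100))
```

Note that the estimate says nothing about shortcuts in the algorithm itself, cold-boot recovery of the key, or a coerced passphrase; it only bounds the one attack the poster was discussing, exhaustive search over a random key.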
Re: [gentoo-user] loop-aes + extra-ciphers...
On Wednesday 25 June 2008, Jason Rivard wrote:

> Wait for my private mail, Mr. Walters.

I wouldn't bother with a private mail, Jason. Tomorrow Chris will calm down, take a deep breath and probably contribute to the list again. It pretty much always works that way. Maybe he's quick to anger. Well, so am I sometimes. But he certainly does not belong in that class of people who have nothing useful to contribute.

--
Alan McKinnon
alan dot mckinnon at gmail dot com
[gentoo-user] loop-aes + extra-ciphers...
Thanks to all who replied to my previous question. This question is related.

Has anyone gotten the 'extra-ciphers' (you can get them from the loop-aes site) to compile with the loop-aes kernel patch in place? If so, could you give me a hint on how to do this?

Also, someone said that it was possible to encrypt using multiple passphrases using dm-crypt. To be clear, are we talking about the same type of multiple passphrases that can be used with AES and Serpent with loop-aes? In other words, you set up a number of passphrases (64 or 65), and the first block uses the first passphrase, the second block uses the second one, etc. The 65th passphrase is added to the hash of the encryption passphrase.

Also (as if that weren't enough), is it possible to encrypt the passphrases or keys in dm-crypt with gnupg, like it is with loop-aes? If so, please give examples.

Regards,
Chris
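On the "same type of multiple passphrases" question: the loop-aes scheme described above cycles 64 independent keys over the blocks of the device, whereas dm-crypt with LUKS has one random master key that encrypts all data and a set of key slots, each of which holds that master key wrapped under one passphrase. The following toy model, added here for the thread (it is not the real LUKS on-disk format and not cryptsetup's code), shows the consequences of the LUKS design: any enrolled passphrase yields the same master key, a passphrase can be revoked by wiping its slot, and the data is never re-encrypted. Everything about the primitives is a stand-in and an assumption: PBKDF2-HMAC-SHA256 with a small iteration count derives the slot keys, and an HMAC-SHA256 keystream XOR plays the role of the AES cipher a real volume uses.

```python
"""Toy model of dm-crypt/LUKS key slots: one master key, many passphrases.

Added illustration, not the real LUKS on-disk format and not cryptsetup
code.  The shape is the real one: a random master key encrypts the data;
each passphrase only unwraps a copy of that master key kept in its own
slot, so passphrases can be added or revoked without touching the data.
Stand-ins used so this runs with the standard library only (assumptions):
  - slot key derivation: PBKDF2-HMAC-SHA256 with few iterations
  - wrapping and data encryption: XOR with an HMAC-SHA256 keystream, a
    placeholder for the AES cipher a real volume uses (not a real cipher)
"""
import hashlib
import hmac
import os
from typing import Dict, Optional

ITERATIONS = 5_000   # deliberately low; real setups use far more
SLOT_COUNT = 8       # LUKS1 offers 8 key slots


def _kdf(secret: bytes, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", secret, salt, ITERATIONS)


def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Placeholder cipher: XOR data with HMAC-SHA256(key, nonce||counter)."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hmac.new(key, nonce + counter.to_bytes(8, "big"),
                           hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


class ToyLuksHeader:
    """Header holding the master-key digest and the key slots, never the key."""

    def __init__(self, digest_salt: bytes, master_digest: bytes) -> None:
        self.digest_salt = digest_salt
        self.master_digest = master_digest   # like LUKS's mk-digest
        self.slots: Dict[int, Optional[dict]] = {i: None for i in range(SLOT_COUNT)}

    @classmethod
    def create(cls, passphrase: bytes) -> "ToyLuksHeader":
        master_key = os.urandom(32)          # random, never derived from a passphrase
        salt = os.urandom(16)
        header = cls(salt, _kdf(master_key, salt))
        header._store(master_key, passphrase)
        return header

    def _store(self, master_key: bytes, passphrase: bytes) -> int:
        free = [i for i, s in self.slots.items() if s is None]
        if not free:
            raise RuntimeError("all key slots are in use")
        salt = os.urandom(16)
        wrapped = _xor_stream(_kdf(passphrase, salt), salt, master_key)
        self.slots[free[0]] = {"salt": salt, "wrapped": wrapped}
        return free[0]

    def unlock(self, passphrase: bytes) -> Optional[bytes]:
        """Try every populated slot; the digest tells us which one was right."""
        for entry in self.slots.values():
            if entry is None:
                continue
            candidate = _xor_stream(_kdf(passphrase, entry["salt"]),
                                    entry["salt"], entry["wrapped"])
            if hmac.compare_digest(_kdf(candidate, self.digest_salt), self.master_digest):
                return candidate
        return None

    def add_key(self, existing: bytes, new: bytes) -> int:
        """Like luksAddKey: an existing passphrase must unlock the master key first."""
        master_key = self.unlock(existing)
        if master_key is None:
            raise ValueError("existing passphrase does not unlock the volume")
        return self._store(master_key, new)

    def kill_slot(self, slot: int) -> None:
        """Revoke one passphrase; the data and the other slots are untouched."""
        self.slots[slot] = None


def crypt_sector(master_key: bytes, sector: int, data: bytes) -> bytes:
    """Encrypt or decrypt one sector with the master key (XOR is symmetric)."""
    return _xor_stream(master_key, sector.to_bytes(8, "big"), data)


def demo() -> bool:
    """Walk through enrol, unlock via either slot, revoke, and decrypt."""
    hdr = ToyLuksHeader.create(b"first passphrase")
    mk = hdr.unlock(b"first passphrase")
    slot = hdr.add_key(b"first passphrase", b"second passphrase")
    same_key = hdr.unlock(b"second passphrase") == mk
    ct = crypt_sector(mk, 7, b"sector payload")
    hdr.kill_slot(slot)
    revoked = hdr.unlock(b"second passphrase") is None
    still_readable = crypt_sector(hdr.unlock(b"first passphrase"), 7, ct) == b"sector payload"
    return same_key and revoked and still_readable
```

The practical consequence for the question in the post: with LUKS, the passphrases are alternatives for reaching one key, not a sequence of keys applied to successive blocks, and revoking one of them is a header-only change that leaves the encrypted data as it was.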
