RE: Announce loop-AES-v1.4e file/swap crypto package

Mr. Ruusu:

	So if I understand you correctly, it is the "seed" which is allowing us to
choose our own less secure phrases, and the seed makes it that much tougher?
So by using the longest "bitwise" seed we can, we are more able to feel
comfortable with lower entropy phrases?


Very Respectfully,

Stuart Blake Tener, IT3, USNR-R, N3GWG
Beverly Hills, California
VTU 1904G (Volunteer Training Unit)
stuart@xxxxxxxxxxx
west coast: (310)-358-0202 P.O. Box 16043, Beverly Hills, CA 90209-2043
east coast: (215)-338-6005 P.O. Box 45859, Philadelphia, PA 19149-5859

Telecopier: (419)-715-6073 fax to email gateway via www.efax.com (it's
free!)

JOIN THE US NAVY RESERVE, SERVE YOUR COUNTRY, AND BENEFIT FROM IT ALL.

Sunday, September 30, 2001 12:33 PM

-----Original Message-----
From: owner-linux-crypto@xxxxxxxxxxxx
[mailto:owner-linux-crypto@xxxxxxxxxxxx]On Behalf Of Jari Ruusu
Sent: Sunday, September 30, 2001 6:13 AM
To: peter k.
Cc: linux-crypto@xxxxxxxxxxxx
Subject: Re: Announce loop-AES-v1.4e file/swap crypto package

"peter k." wrote:
> > - Password seeds can be used to slow down dictionary attacks. "-S XXX"
> >   option added to losetup, and "-o pseed=XXX" option added to mount.
>
> could you explain to us how this is used by AES and also put that into the
> readme when you release the next version of loop-aes? how much does a
> password seed increase security?

Password seed is appended to user supplied password before password is
hashed using SHA-256 one way hash. For example, if seed is:

    IrzWg/8z211G4PI4l/pA

And user supplied (bad and guessable) password is:

    quick brown fox jumped over lazy dog

Resulting string that would be hashed:

    quick brown fox jumped over lazy dogIrzWg/8z211G4PI4l/pA

That's bad news to an attacker, because he would have to start recomputing
the hashes of the 500 billion known strings he has in his dictionary _after_
he has access to your password seed. And, if another partition has a
different seed, guess what... recompute again.

> and, would it be a good idea to use for example 128 bytes of urandom data
> (and i wouldnt save it to disk of course) as the seed when encrypting
> swap?

Seed is only useful to slow down dictionary attacks. It does not increase
security if a password is already random and unguessable.

Regards,
Jari Ruusu <jari.ruusu@xxxxxxxxxx>


Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/
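The construction Jari describes above (seed appended to the password, then one SHA-256 pass) and the reason it forces a dictionary attacker to recompute per seed can be shown in a few lines. The following is an added illustration, not loop-AES code: the seed and password strings are the ones from the message, the four-entry dictionary and the second partition's seed are constructed here, and the function names are mine.

```python
import hashlib

# Seed and password as given in the message above.
SEED = "IrzWg/8z211G4PI4l/pA"
PASSWORD = "quick brown fox jumped over lazy dog"

# Constructed toy dictionary; the message talks about 500 billion entries.
DICTIONARY = [
    "password",
    "letmein",
    "quick brown fox jumped over lazy dog",
    "correct horse battery staple",
]


def hash_with_seed(password: str, seed: str = "") -> str:
    """SHA-256 hex digest of password || seed.

    Mirrors the description in the message: the seed is appended to the
    user-supplied password and the concatenation is hashed once.
    (Illustration only; loop-AES's real key setup is not reproduced.)
    """
    return hashlib.sha256((password + seed).encode("utf-8")).hexdigest()


def build_dictionary_table(candidates, seed: str = "") -> dict:
    """Precompute hash -> candidate for every guess under one seed.

    Models the attacker's precomputed table: built once, but only valid
    for the seed it was built with.
    """
    return {hash_with_seed(c, seed): c for c in candidates}


def lookup(table: dict, target_hash: str):
    """Return the candidate that produced target_hash, or None."""
    return table.get(target_hash)


def demo() -> dict:
    """Show when a precomputed table does and does not recover the password."""
    old_table = build_dictionary_table(DICTIONARY)          # no seed
    table_a = build_dictionary_table(DICTIONARY, SEED)      # recomputed for seed A
    seed_b = "constructed-seed-of-another-partition"        # constructed value

    stored_no_seed = hash_with_seed(PASSWORD)
    stored_seed_a = hash_with_seed(PASSWORD, SEED)
    stored_seed_b = hash_with_seed(PASSWORD, seed_b)

    return {
        # Unseeded hash of a guessable password: found immediately.
        "found_without_seed": lookup(old_table, stored_no_seed),
        # Seeded hash against the old table: the table is useless.
        "old_table_vs_seed_a": lookup(old_table, stored_seed_a),
        # After recomputing the table for seed A the weak password falls again,
        # which is why the message says the seed only slows the attack down.
        "table_a_vs_seed_a": lookup(table_a, stored_seed_a),
        # A different partition with a different seed: recompute yet again.
        "table_a_vs_seed_b": lookup(table_a, stored_seed_b),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The seed buys exactly one recomputation of the dictionary per seed value; it does not add entropy to the password itself, which is the point of the last paragraph of the message. If the password is already random and unguessable, no table lookup succeeds with or without the seed.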


