Yes, it is only 256 bits secure (at best). Fortunately 256 bits is insanely large. Overkill if you ask me, but I'm not complaining. You can not brute force a 256 bit key.
I did read the LUKS-on-disk-format document on the LUKS website, and if I read it correctly, the area that stores each encrypted master key is only 4 bytes long. This means that the effective master key length is only 4 bytes (32-bits).
Nah, the master key is either 16 [128 bits] or 32 bytes [256 bits]. Of course on disk it takes up many more times that, due to the AFsplit() inflation. On 6/12/06, Michael Cassaniti <m.cassaniti@xxxxxxxxx> wrote:
Did I ask the wrong question? I haven't heard any more feedback. My last post gives an idea of the amount for brute force work it would take to break the loop-AES system. AES itself only has 256 bits maximum, but loop-AES is using 64 keys, instead of one, plus a random IV. Is dm-crypt only 256 bits secure when using AES cipher and using a USB stick with it? I'm trying to understand how the USB stick fits in for a start, and how large the master key is when operated like this. Anyone? Can't be that hard can it? --------------------------------------------------------------------- - http://www.saout.de/misc/dm-crypt/ To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx For additional commands, e-mail: dm-crypt-help@xxxxxxxx
--------------------------------------------------------------------- - http://www.saout.de/misc/dm-crypt/ To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx For additional commands, e-mail: dm-crypt-help@xxxxxxxx
