On Fri, Apr 06, 2007 at 04:28:49PM +0200, Thomas B?chler wrote: > aLTer schrieb: > > If there is no ready programs for bruteforcing, I would like to write > > new one. > > I know C and a few other programming languages and a bit familiar with > > cryptography. > > Any other ideas, suggestions? > > LUKS is designed to prevent brutefroce attacks against the passphrases. > Basically, trying one passphrase should take about one second, so you > can expect it to take years to break, read the paper on the the luks > homepage about the design for more information. LUKS brute-force countermeasures make the brute-forcing only harder, they do not prevent it, as all crypto does make reading something only harder. Consequentially you can use standard brute-forcers and adap them. One option is "john the ripper", which is open source. However I think it is a password guesser only. I don't think it supports phrases. Some more possible candidates for adaption are on wikipedias page on passward cracking: http://en.wikipedia.org/wiki/Password_cracking Still, typical attacks require a lot of tries on reasonable passphrases and with LUKS you need around one second of CPU time per try. That makes guessing infeasible for all but really, really weak passphrases or the ones you already know a lot about. Side note: Yes, the anti-brute force measurements in LUKS are pretty nifty. Have a look at them. Arno -- Arno Wagner, Dipl. Inform., CISSP --- CSG, ETH Zurich, wagner@xxxxxxxxxxxxxx GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F ---- Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans There is considerable overlap between the intelligence of the smartest bears and the dumbest tourists. -- Yosemite park ranger on bear-proof trashcans --------------------------------------------------------------------- dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/ To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx For additional commands, e-mail: dm-crypt-help@xxxxxxxx
