The passphrase is iterated (with some sort of key derivation algorithm)
as far as I understand it.
Usually you can modify the amount of time in ms during keyslot creation
which is spent in doing iterations.
If you assume you can do n Iterations in 1 second, and some other
machine can do 10 times n iterations, then machine two would spend
(approx) 1/10 second per passphrase (password) test.
But this is only of relevance, where the passphrase universe << key
universe - Meaning, when the entropy of your passphrase is bigger than
the keyspace, it doesn't matter, since you'd try cracking the actualy
key within the keyspace.
Regards
-Sven
Si St schrieb:
Question:
Say we have a dm/LUKS encrypted partition or harddisk. - Do we have a crack-password-delay-mechanism as a part of the encryption, or is this a feature of the software of the OS?
I I have understood that with the very rapid crackingspeed (brute-force) we have nowadays, the new approach to this is to force in a delay for each password enter, as a tool of increased security. Is this feature a block independent software, or is it only a software program of the booted OS?
If so, attacking the harddisk directly independent of the booted OS will pass this feature.
(Have I made myself clear?)
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt
