On 19.08.2010, Michael Matczynski wrote:
> For luksFormat, is there a difference in password strength between the
> following two passwords?
> 1.) <256bitsecret>
>
> 2.) <256bitsecret> | base64

Yes, if both passwords have the same length and you choose a password which is built upon a base of at least more than 64 different chars.

The password strength (entropy) is calculated this way,

B = ((L * log P) / log 2)

where B is the entropy in bits, L is the length of the password, and P is the amount of possible different chars (the "pool").

So if you choose base64, P will always be 64, and if you choose a password which e.g. includes A-Za-z0-9 and random chars as %!"/(] (and so on), P will be higher, thus resulting in a higher strength of the overall password. As long as you choose a password with P > 64, it will be stronger. There are P^N different passwords.

> Does the use of PBKDF2 make the longer but less entropy password #2
> equivalent to #1?

If the hash used in PBKDF2 is not flawed or broken: yes.

_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt
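
An added worked example, not part of the original post or of cryptsetup: it applies the formula from the reply, shows that base64-encoding a 256-bit secret is reversible (the encoded passphrase is longer but still one of 2^256 possibilities), and runs both forms through PBKDF2. `SECRET` and `SALT` are constructed sample values, and PBKDF2-HMAC-SHA1 with 1000 iterations is an assumption made for illustration, not a value read from a LUKS header.

```python
import base64
import hashlib
import math

def entropy_bits(length: int, pool: int) -> float:
    """B = (L * log P) / log 2 for L characters drawn uniformly from a pool of P."""
    return length * math.log(pool) / math.log(2)

def min_length(bits: int, pool: int) -> int:
    """Shortest uniformly random password over `pool` symbols that reaches `bits`."""
    return math.ceil(bits / math.log2(pool))

def derive_key(passphrase: bytes, salt: bytes, iterations: int = 1000) -> bytes:
    """PBKDF2-HMAC-SHA1 to a 32-byte key; hash and iteration count are
    assumptions for this example, not cryptsetup defaults."""
    return hashlib.pbkdf2_hmac("sha1", passphrase, salt, iterations, dklen=32)

# Constructed sample values (not real key material).
SECRET = bytes(range(32))            # stand-in for <256bitsecret>
SALT = b"constructed-salt"
ENCODED = base64.b64encode(SECRET)   # <256bitsecret> | base64

def summary() -> dict:
    return {
        "raw_len": len(SECRET),
        "b64_len": len(ENCODED),
        # 32 bytes over a pool of 256 byte values: 256 bits.
        "raw_bits": entropy_bits(len(SECRET), 256),
        # Decoding recovers the secret, so no possibilities were added or lost.
        "b64_roundtrip": base64.b64decode(ENCODED) == SECRET,
        # Characters needed for 256 bits at each pool size.
        "b64_chars_for_256": min_length(256, 64),
        "ascii94_chars_for_256": min_length(256, 94),
        # Both passphrase forms yield a full-length derived key.
        "key_raw": derive_key(SECRET, SALT),
        "key_b64": derive_key(ENCODED, SALT),
    }

if __name__ == "__main__":
    for name, value in summary().items():
        print(name, value.hex() if isinstance(value, bytes) else value)
```
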