On Tue, Sep 27, 2011 at 8:17 PM, Arno Wagner <arno@xxxxxxxxxxx> wrote: ... > No. The passphrase is not stored and the PBKDF2 iterations > prevent reconstructing it. ... Looking into the PBKDF2 function would also be valuable, I notice the buffer for T_i is allocated off the stack and doesn't look to be explicitly wiped. Presumably some but hopefully all of it gets overwritten as the program runs :) (I notice the gnupg devs use a burn_stack() function that attempts to explicitly achieve this). So much fun to be investigated! _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
