On Fri, Nov 29, 2013 at 01:49:57 CET, anderson jackson wrote: > On Fri, 29 Nov 2013 01:32:51 +0100 Arno Wagner <arno@xxxxxxxxxxx> wrote > > > If I understood this right, it is plain(luks(data)) > > No actually I meant plain(plain(data)). Therefore you won't see the luks > header when the attacker finds the correct pass but just random data. > That is not really more secure than just plain with the two passphrases concatenated (as long as the entropy does not exceed the key length). No reason to do this, except if you mistrust the ciphers and want to use two different ones. Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- There are two ways of constructing a software design: One way is to make it so simple that there are obviously no deficiencies, and the other way is to make it so complicated that there are no obvious deficiencies. The first method is far more difficult. --Tony Hoare _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
