On Fri, Nov 29, 2013 at 11:55:31 CET, Matthias Schniedermeyer wrote: > On 29.11.2013 01:32, anderson jackson wrote: [...] > There is also loop-aes v3 format, also supported by dm-crypt/cryptsetup. > It doesn't use a header and you need a total of 65 keys to be > broken, before you could read the whole volume. > But you would need to use a key-file to store the 65 keys, the > "standard" method is to use gpg for that. > Without the key-file it is pratically impossible to break such an > encrypted volume. Same as it is pratically impossible to break a simple > plain encrypted volume with a key that has full entophy. Indeed. From something like 100 bit of effort, brute forcing may well become impossible on this planet and for something like 200 bits of effort, it may become impossible in this galaxy. (Not enough energy and matter available...). So the primary concern is to have a) good ciphers and b) high-entropy passphrases. Concern b) is the responsibility of the user. Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- There are two ways of constructing a software design: One way is to make it so simple that there are obviously no deficiencies, and the other way is to make it so complicated that there are no obvious deficiencies. The first method is far more difficult. --Tony Hoare _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
