On Sat, Apr 22, 2017 at 15:33:28 CEST, Robert Nichols wrote: > On 04/21/2017 07:25 PM, Arno Wagner wrote: > >Aassume 1 bit has been corrupted in a random place. > >A key-slot is 256kB, i.e. 2Mbit. That means trying it > >out (flip one bit, do an unlock attempt) would take > >2 million seconds on the original PC, i.e. 23 days. > >This can maybe be brought down by a factor of 5 or so > >with the fastest avaliable CPU (the oteration count of > >150k is pretty low), i.e. still roughly 5 days. > > > >This may be worth giving it a try, but it requires some > >serious coding with libcryptsetup and it will only > >help on a single bit-error. > > > >It may of course be a more complex error, especially > >when ECC in the disk has corrected an error to the > >wrong value, because the original was too corrupted. > > The drive would almost certainly have detected and corrected a single-bit > error. Only when the error happened in FLASH. It can happen in RAM and on a bus and there it would not have been corrected. Can even be a transient error (charged cosmic particle impacting a RAM cell, e.g.), these things happen. > > > >The keyslot checker is no help here, it is intendend > >to find gross localized corruption, > > It is still worth running the keyslot checker to detect gross corruption > before spending 5+ days in a (probably futile) search for a single bit > flip. That has already been done. But I agree that the chances for a single-bit error are not good. Regards, Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- A good decision is based on knowledge and not on numbers. -- Plato If it's in the news, don't worry about it. The very definition of "news" is "something that hardly ever happens." -- Bruce Schneier _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
