Michael Catanzaro wrote: > On Fri, 2015-03-06 at 19:25 -0500, Miloslav Trmač wrote: > > The way we deploy LUKS, a single password guess takes one second on a comparable hardware, so the fuzz factor is not actually as large as it might seem. > > Wow, I had no clue it was that good. OK, so making one guess at the user > account password every ~three seconds would not be an unreasonable > attack, once you've stolen the computer, given how slow it would be to > attack LUKS. I had incorrectly assumed that the difference in speed > would be orders of magnitude. > > Still, this is not a realistic threat for most users, and it would take > forever to attack either way, so this really just convinces me that I > can be safe with a much weaker disk encryption password than I had > previously imagined. :) Don't forget that an attack on the disk encryption can be parallelized, while attempts to unlock the console can not. Björn Persson
Attachment:
pgpuYkIOURmNy.pgp
Description: OpenPGP digital signatur
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
