Re: How to protect an encrypted file system for off-line attack?

To: javuchi@gmail.com, debian-user@lists.debian.org
Subject: Re: How to protect an encrypted file system for off-line attack?
From: owens@netptc.net
Date: Tue, 24 Feb 2009 07:41:25 -0800
Message-id: <[🔎] 380-220092224154125609@netptc.net>

>
>
>
>---- Original Message ----
>From: javuchi@gmail.com
>To: debian-user@lists.debian.org
>Subject: Re: How to protect an encrypted file system for off-line
>attack?
>Date: Tue, 24 Feb 2009 03:31:51 +0100
>
>>owens@netptc.net escribió:
>>>>
>>>>
>>>> ---- Original Message ----
>>>> From: javuchi@gmail.com
>>>> To: debian-user@lists.debian.org
>>>> Subject: Re: How to protect an encrypted file system for off-line
>>>> attack?
>>>> Date: Mon, 23 Feb 2009 23:53:27 +0100
>>>>
>>>>> Ron Johnson escribió:
>>>>>> On 02/23/2009 09:26 AM, Javier wrote:
>>>>>>> Ron Johnson escribió:
>>>>>>>> On 02/23/2009 01:28 AM, Jordi Gutiérrez Hermoso wrote:
>>>>>>>>> 2009/2/21 Javier <javuchi@gmail.com>:
>>>>>>>>>> I'm actually using encfs to protect my sensitive data,
>>>>>>>>> Eh...
>>>>>>>>>
>>>>>>>>>       http://xkcd.com/538/
>>>>>>>> That's known as Rubber Hose Decryption.
>>>>>>>>
>>>>>>>
>>>>>>> Oh yes, but if he had the chance to scape, at least the files
>>>> continue
>>>>>>> to be untouchable....
>>>>>> Given enough time, and resources, *nothing* is untouchable. 
>It's
>>>> just a
>>>>>> matter of whether They think that the time-effort is worth
>being
>>>> spent
>>>>>> on *you*.
>>>>> Do you mean that there is a way to crack a 256bits AES?
>>>>>
>>> Yep! Given enough plaintext and ciphertext and enough time (or
>>> parallel compute power and less time), a brute force attack will
>>> always work.
>>> Larry
>>
>>What do you mean with "always work"? I mean, is it not going to take
>one
>>million years or so? For example, if you encrypt your /home.
>>
>>
My "solution" was a standard brute force attack.  It seems each time
a new algorithm arises purporting to take "a million years" to break,
it is in fact broken within years and finally days.  In fact IIRC the
RSA system was broken after a challenge from Ron Rivest (the "R") via
a concerted attack using the Internet to parse out the key space.
Larry
>>-- 
>>To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org 
>>with a subject of "unsubscribe". Trouble? Contact listmaster@lists.d
>ebian.org
>>
>>
>>

Reply to:

Prev by Date: Re: how to find why packages are automatically installed?
Next by Date: Re: repo gpg keys list
Previous by thread: Re: How to protect an encrypted file system for off-line attack?
Next by thread: Re: How to protect an encrypted file system for off-line attack?
Index(es):
- Date
- Thread