Re: How to protect an encrypted file system for off-line attack?
On Mon, Feb 23, 2009 at 07:53:54PM EST, Ron Johnson wrote:
> On 02/23/2009 06:12 PM, Chris Jones wrote:
> >On Mon, Feb 23, 2009 at 02:34:26PM EST, Ron Johnson wrote:
> >>Given enough time, and resources, *nothing* is untouchable. It's
> >>just a matter of whether They think that the time-effort is worth
> >>being spent on *you*.
> >
> >Like, twenty times the estimated life of the universe.. a thousand
> >times its mass in silicon chips. Everyone involved long dead anyways.
> http://en.wikipedia.org/wiki/EFF_DES_cracker
> When DES was approved as a federal standard in 1976, a machine
> fast enough to test that many keys in a reasonable time would have
> cost an unreasonable amount of money to build.
>
> http://en.wikipedia.org/wiki/EFF_DES_cracker#Technology
> Advanced Wireless Technologies built 1856 custom ASIC DES chips
> (called Deep Crack or AWT-4500), housed on 29 circuit boards of 64
> chips each. The boards are then fitted in six cabinets. The search
> is coordinated by a single PC which assigns ranges of keys to the
> chips. The entire machine was capable of testing over 90 billion
> keys per second. It would take about 9 days to test every possible
> key at that rate. On average, the correct key would be found in
> half that time.
>
> In the 11 years since Deep Crack, IC process technology has improved
> by leaps and bounds, and the NSA can throw a whole lot of h/w in
> parallel at brute-force attacks.
>
> Combine that with Side Channel Attacks (easy if you have the machine
> that did the encryption, and which can discover part of the key) and
> mathematical analysis to determine even more of the key, you suddenly
> see something feasible.
Obsolete sources my end..
Thanks for the heads-up.
Reply to: