Chris Jones:
> On Fri, Feb 27, 2009 at 08:34:25AM EST, Jochen Schulz wrote:
>
>> This is a valid question! Depending on the encryption system in use,
>> it cannot be answered satisfactorily.
>
> I'm not sure it's related to the encryption/decryption process.
>
> What I had in mind when I wrote the above was that with the immense
> volumes of output generated, having a crowd of quick-eyed folks look at
> it one individual dose at a time to determine the likelihood of its
> being the correct "solution" in a timely fashion is not practical.
Sure, it isn't. But if you are, for example, trying to brute-force a
LUKS key's passphrase, there appears to be a way to know whether the
passphrase is correct, or not. But I can only guess how it is done.
>> If a one-time pad is in use where the key is as long as the encrypted
>> document, it cannot be answered at all.
>
> Don't take my word for it, but I believe it one-time pads .. as their
> name implies need to be unique to the document to make it impossible to
> decrypt. Otherwise you start introducing regularities.
Sure. But you could just declare your whole hard disk (or a filesystem)
as one document. As long as your purely random key is as long as this
"document", it would still qualify as one-time pad.
>> Even if one key reveals a "good looking" plaintext, the attacker has
>> no way to know whether this plaintext is the right one because other
>> keys lead to other valid looking plaintext.
>
> Keeping in mind that what you (the cracker, I mean..) are looking for
> might not be plain text in the first place.
Sorry, what I meant was unencrypted cleartext.
> I guess you could devise some complementary hardware support to your HD
> that would hold all the one-time pads and Mission Impossible style
> destroy itself within seconds in case of an emergency.. but I have a
> feeling that the encryption of an entire file system is more something
> that's meant to protect you from unsophisticated prying without making
> your existence miserable but that it was never meant to address the
> security of strategic files and truly sensitive data.
Why not? What makes filesystem encryption less secure than e-mail or
single file encryption?
J.
--
I am worried that my dreams pale in comparison beside TV docu-soaps.
[Agree] [Disagree]
<http://www.slowlydownward.com/NODATA/data_enter2.html>
Attachment:
signature.asc
Description: Digital signature