From: Hubert Chan <hubert@uhoreg.ca>
To: reiserfs-list@namesys.com
Subject: Re: The situation at hand and in the future
Date: Sat, 29 May 2004 20:41:48 -0400 [thread overview]
Message-ID: <87k6yuzqyb.fsf@uhoreg.ca> (raw)
In-Reply-To: 40B919DF.3040408@slaphack.com
>>>>> "David" == David Masover <ninja@slaphack.com> writes:
[...]
David> Don't know about md5, but how hard is it to brute-force the file
David> itself? ~ How about some strong magic at the beginning of the
David> file (perhaps a checksum of the filename?) which can be used to
David> verify (within reason) that the passphrase worked? How
David> vulnerable are modern ciphers to known-plaintext attacks?
Modern ciphers should be fairly resistant to know-plaintext attacks, I
think. When you put a filesystem on a loopback, you've essentially got
a known-plaintext, because filesystems typically start with a magic
number. (Assuming the attacker knows what filesystem you're using.)
It's best to avoid known plaintexts if possible, of course, if you're
worried about security.
One thing that can be done is to take just the first couple of bytes
from a hash to be used as your check. That will catch the user from
common entry errors, and won't reduce the keyspace by that much
(hopefully).
--
Hubert Chan <hubert@uhoreg.ca> - http://www.uhoreg.ca/
PGP/GnuPG key: 1024D/124B61FA
Fingerprint: 96C5 012F 5F74 A5F7 1FF7 5291 AF29 C719 124B 61FA
Key available at wwwkeys.pgp.net. Encrypted e-mail preferred.
next prev parent reply other threads:[~2004-05-30 0:41 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-05-27 20:01 The situation at hand and in the future mjt
2004-05-27 21:05 ` Valdis.Kletnieks
2004-05-27 22:09 ` David Masover
2004-05-28 6:33 ` mjt
2004-05-28 19:53 ` Valdis.Kletnieks
2004-05-29 12:48 ` mjt
2004-05-29 14:22 ` David Masover
2004-05-29 15:49 ` mjt
2004-05-29 23:16 ` David Masover
2004-05-30 0:41 ` Hubert Chan [this message]
2004-05-30 12:29 ` mjt
2004-05-30 16:54 ` Hubert Chan
2004-05-30 12:27 ` mjt
2004-05-30 17:09 ` Hubert Chan
2004-05-31 0:07 ` The Amazing Dragon
2004-05-30 17:13 ` Hubert Chan
2004-05-30 18:06 ` mjt
2004-05-31 0:45 ` David Masover
2004-05-31 8:38 ` mjt
2004-05-31 15:12 ` David Masover
2004-05-31 17:20 ` Hubert Chan
2004-05-31 21:14 ` David Masover
2004-05-31 15:16 ` Hubert Chan
2004-06-01 13:25 ` Edward Shushkin
2004-06-02 8:05 ` mjt
2004-06-02 12:51 ` Edward Shushkin
2004-06-02 15:15 ` mjt
2004-05-31 18:31 ` Valdis.Kletnieks
2004-05-31 21:15 ` David Masover
2004-06-02 2:45 ` Hans Reiser
2004-05-29 20:04 ` Hubert Chan
2004-05-29 23:19 ` David Masover
2004-05-31 18:27 ` Valdis.Kletnieks
2004-05-31 21:23 ` David Masover
2004-06-01 2:09 ` Hubert Chan
2004-06-05 4:50 ` David Masover
2004-06-05 7:30 ` Valdis.Kletnieks
2004-06-05 10:07 ` Christian Iversen
2004-06-07 17:35 ` Valdis.Kletnieks
2004-06-09 22:01 ` David Masover
2004-06-10 8:23 ` mjt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87k6yuzqyb.fsf@uhoreg.ca \
--to=hubert@uhoreg.ca \
--cc=reiserfs-list@namesys.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.