1 |
On 080301 at 01:51, Dan Reidy wrote: |
2 |
> I've never done any benchmarks myself, however a few years back I did read |
3 |
> up on which crytpo engine would be best for a large hard disk or partition. |
4 |
> I do remember clearly that there is a bug in AES's block cyper that causes |
5 |
> it to repeat keys on large disks/partitions. This "feature" could make it |
6 |
> easier for your key to be cracked. I personally use Twofish 256 with |
7 |
> SHA256, ive never tried any other hash method. I also use Serpent on my |
8 |
> swap, for no other reason than to try something different - and it's a cool |
9 |
> name. (flame on!). |
10 |
|
11 |
You may be talking about a generic problem when using a block cipher in CBC mode. |
12 |
The block size of a block cipher limits the total amount of data that |
13 |
can be encrypted using a single key, without reducing security. |
14 |
|
15 |
See also: http://en.wikipedia.org/wiki/Disk_encryption_theory |
16 |
|
17 |
I'm pretty sure that there is no such bug in AES itself. A known |
18 |
problem however is the susceptibility to side-channel attacks: |
19 |
http://en.wikipedia.org/wiki/Advanced_Encryption_Standard#Side_channel_attacks |
20 |
Ciphers can be designed to avoid side-channel attacks, but NIST(sadly) |
21 |
did not care about this problem during the AES contest. |
22 |
|
23 |
|
24 |
About other algorithms...3DES is still considered very secure due to |
25 |
the very extensive review. AES is very new in comparison, but has also |
26 |
been heavily reviewed due to its status as encryption standard. The |
27 |
other AES finalists are probably about as secure. But if you want to |
28 |
use a different algorithm, or mode, adjust how a cipher is used or |
29 |
combine it with other ciphers, you should *really* know your stuff. |
30 |
And even then, you will probably miss something and the result will be |
31 |
less secure. |
32 |
|
33 |
|
34 |
128bit are considered secure for the next several years. Its much |
35 |
easier and cheaper to guess your password, steal your usb-key or |
36 |
threaten your family than to break a 128 bit key by bruteforce. If you |
37 |
are afraid of quantum computers or aliens, you may want to choose |
38 |
256bit. |
39 |
|
40 |
|
41 |
HTH, |
42 |
pepe |
43 |
-- |
44 |
pepe@×××××××.net gpg --recv-key A04D7875 |
45 |
Key fingerprint: B805 57BE E4AF 0104 CC51 77A1 CE6F 8D46 A04D 7875 |