Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-security@g.o
From: Steffen Schulz <pepe_ml@...>
Subject: Re: Encryption Ciphers
Date: Sat, 1 Mar 2008 03:37:12 +0100
On 080301 at 01:51, Dan Reidy wrote:
> I've never done any benchmarks myself, however a few years back I did read 
> up on which crytpo engine would be best for a large hard disk or partition. 
> I do remember clearly that there is a bug in AES's block cyper that causes 
> it to repeat keys on large disks/partitions. This "feature" could make it 
> easier for your key to be cracked. I personally use Twofish 256 with 
> SHA256, ive never tried any other hash method. I also use Serpent on my 
> swap, for no other reason than to try something different - and it's a cool 
> name. (flame on!).

You may be talking about a generic problem when using a block cipher in CBC mode.
The block size of a block cipher limits the total amount of data that
can be encrypted using a single key, without reducing security.

See also: http://en.wikipedia.org/wiki/Disk_encryption_theory

I'm pretty sure that there is no such bug in AES itself. A known
problem however is the susceptibility to side-channel attacks:
http://en.wikipedia.org/wiki/Advanced_Encryption_Standard#Side_channel_attacks
Ciphers can be designed to avoid side-channel attacks, but NIST(sadly)
did not care about this problem during the AES contest.


About other algorithms...3DES is still considered very secure due to
the very extensive review. AES is very new in comparison, but has also
been heavily reviewed due to its status as encryption standard. The
other AES finalists are probably about as secure. But if you want to
use a different algorithm, or mode, adjust how a cipher is used or
combine it with other ciphers, you should *really* know your stuff.
And even then, you will probably miss something and the result will be
less secure.


128bit are considered secure for the next several years. Its much
easier and cheaper to guess your password, steal your usb-key or
threaten your family than to break a 128 bit key by bruteforce. If you
are afraid of quantum computers or aliens, you may want to choose
256bit.


HTH,
pepe
-- 
pepe@...                            gpg --recv-key A04D7875
Key fingerprint: B805 57BE E4AF 0104 CC51  77A1 CE6F 8D46 A04D 7875
Attachment:
signature.asc (Digital signature)
Replies:
Re: Encryption Ciphers
-- Mansour Moufid
References:
Encryption Ciphers
-- Florian Philipp
Re: Encryption Ciphers
-- Dan Reidy
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: Encryption Ciphers
Next by thread:
Re: Encryption Ciphers
Previous by date:
Re: Encryption Ciphers gentoo-security@g.o
Next by date:
Re: Encryption Ciphers


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.