(I'll try to start a new thread from the following quotes.)
On Sat, Nov 28, 2009 at 8:50 AM, Robert J. Hansen wrote:
> Matt wrote:
>> If I had a sufficiently good passphrase, would Google returning my
>> secret key as the first hit result for every search for a day still be
>> secure?
>
> "S
On Nov 28, 2009, at 9:42 AM, Ciprian Dorin, Craciun wrote:
Maybe someone could clear this out (at least from GnuPG part). (My
original post was related with both GnuPG an OpenSSH).
~~ Original post:
(I have a very basic question that to most of the persons reading
this news-group
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
David Shaw escribió:
> On Nov 28, 2009, at 9:42 AM, Ciprian Dorin, Craciun wrote:
...
>>Also, how many bits of security should my password have in order
>> to withstand an attack from a small / medium enterprise? (Government
>> is out of the ques
On Sat, Nov 28, 2009 at 5:47 PM, David Shaw wrote:
> On Nov 28, 2009, at 9:42 AM, Ciprian Dorin, Craciun wrote:
>
>> Maybe someone could clear this out (at least from GnuPG part). (My
>> original post was related with both GnuPG an OpenSSH).
>>
>> ~~ Original post:
>>
>> (I have a very
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
November 28th for gnupg-users@gnupg.org thread "GnuPG private key
resilience against off-line brute-force attacks"
Entropy is a relative thing AFAIR:
For one who knows than a password was generated by using diceware the
entropy will be 7776^n + 777
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
There is thread in the archives with the subject "TPK Archival" that may
be useful.
http://lists.gnupg.org/pipermail/gnupg-users/2009-March/035996.html
Regards,
Chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using Gnu
David Shaw wrote:
> Difficult question to answer, since everyone is going to wave around
> their opinion. :)
There are some empirical facts which may be useful, though -- like
observing the RC5-64 project was able to break a 64-bit key via a
massive distributed project that took 18 months of runti
Robert J. Hansen wrote:
> David Shaw wrote:
>> Difficult question to answer, since everyone is going to wave around
>> their opinion. :)
>
> There are some empirical facts which may be useful, though -- like
> observing the RC5-64 project was able to break a 64-bit key via a
> massive distributed
On Sat, Nov 28, 2009 at 3:47 PM, David Shaw wrote:
[snip]
> I'd suggest starting with the various calculators on
> http://www.keylength.com/
A very interesting website. I followed the links, and found this document:
http://www.nsa.gov/ia/programs/suiteb_cryptography/index.shtml
It seems that
Hi,
On Sat, Nov 28, 2009 at 1:47 PM, David Shaw wrote:
>> The question is: what does GnuPG or OpenSSH do to slow down
>> password brute-force? I mean does the password derivation function use
>> some iterations? If so how many? Can I configure them? I guess so but
>> I couldn't find any data o
On Nov 28, 2009, at 12:37 PM, Robert J. Hansen wrote:
David Shaw wrote:
Difficult question to answer, since everyone is going to wave around
their opinion. :)
There are some empirical facts which may be useful, though -- like
observing the RC5-64 project was able to break a 64-bit key via a
m
On Nov 28, 2009, at 3:07 PM, M.B.Jr. wrote:
Hi,
On Sat, Nov 28, 2009 at 1:47 PM, David Shaw
wrote:
The question is: what does GnuPG or OpenSSH do to slow down
password brute-force? I mean does the password derivation function
use
some iterations? If so how many? Can I configure them? I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
November 28th 2009 for gnupg-users@gnupg.org thread "GnuPG private key
resilience against off-line brute-force attacks"
Loop unrolling only gives more performance in very small loops, for
not so small ones there can be in fact a performance penality
On Nov 28, 2009, at 11:55 AM, Ciprian Dorin, Craciun wrote:
Thank you for the quick reply. (This is the kind of answer I was
hopping to get. :) ) It seems that `s2k-count` escaped me. :)
Maybe there should be an entry in the FAQ about this topic.
Related with my question about the pas
On Sun, Nov 29, 2009 at 12:29 AM, Mario Castelán Castro
wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> November 28th 2009 for gnupg-users@gnupg.org thread "GnuPG private key
> resilience against off-line brute-force attacks"
>
> Loop unrolling only gives more performance in very sm
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
November 28th 2009 for gnupg-users@gnupg.org thread "GnuPG private key
resilience against off-line brute-force attacks"
Ciprian: Wath you say is possible but useless.
One could build a machine who computes anything in only 1 clock cycle
or than not
* "Ciprian Dorin, Craciun" wrote:
> Thank you for the quick reply. (This is the kind of answer I was
> hopping to get. :) ) It seems that `s2k-count` escaped me. :)
>
> Maybe there should be an entry in the FAQ about this topic.
Well, other projects make good use of that option, f.e. lo
17 matches
Mail list logo
