> From: [email protected] [mailto:[email protected]] > On Behalf Of William J. Robbins > > This ignores the option of using a keyfile instead of a password. Further, > Truecrypt does not use a password key derivation process - it uses a random > number generator process (the process that you go through by moving the > mouse).
When you're doing whole disk encryption, and unlocking the volume via truecrypt bootloader, I don't believe the bootloader supports keyfiles, and even if it does, there is no USB or removable storage support, so as far as I can tell, you just can't do it. A password key derivation process is absolutely necessary whenever you have stored key encrypted by a password. The user types in a password, and the key derivation process applies salting and stretching via some hash algorithm (In this case, SHA256) to generate the key that is used for encryption/decryption. The key itself was randomly generated, but the key itself is stored encrypted in the Truecrypt header, encrypted by the key that's generated from password via the key derivation process. This way, you can quickly easily change your volume password without needing to re-encrypt the whole volume. It just overwrites a small block at the beginning and end of the volume. > Bitlocker: "Some say it's 128, some say 256. I'm guessing it's actually 128 > by > default, with an option to go stronger somehow." > MS article saying, "BitLocker supports two levels of cipher strength for > BitLocker: 128-bit and 256-bit. "(http://technet.microsoft.com/en- > us/library/ee706531(v=ws.10).aspx) Yeah, I saw that article. But whenever I've enabled bitlocker before, they don't prompt you for any of the optional options. You don't select a key strength, you don't get any option of enabling PIN or key media, etc. It just does the brainless one-click setup, without telling you what it's doing. That's why I said I think it's doing 128 bits, with some potentially easy option to do 256, but I don't know how. > Bitlocker: "...if somebody tries to brute force 128 bits with a normal > laptop, it > will take ~ 60,000 years." > So, we discussed lobbing GPUs and FPGA cracking from the NSA when we > discussed Truecrypt, but only people with crappy laptops are going to be able > to try to crack a Bitlocker key? And how do you come to the conclusion that > Truecrypt's 256bit key is inferior to Bitlocker's 128bit key you surmised > earlier? I'm afraid I don't understand the question(s). I did say that despite 256bit encryption in truecrypt, that's irrelevant because the weakpoint is the way-less-than-256bit password a user must type in. If your system is going to be locked by a human memorizable password, then you might as well run 128bit cipher, because no attacker will ever waste their time trying to attack the key directly. They'll try to attack your password instead. Bitlocker, via TPM, uses a full-strength randomly generated key, which is locked away and never exposed. The weakpoint is either the key itself, or some difficult and risky technique of tampering with the tamper-resistant TPM. It's all contained on a single chip. Very difficult, if not impossible, to crack apart or otherwise look inside, to read its memory. > "In bitlocker, your "backup" key is random digits, stored in Active Directory, > or something." > A backup key that is random digits is not a key to anything. Proper keys are > randomly generated, but they are no longer just random numbers when > they are used to encrypt things - at that point, they NEED to be very specific > and in a very particular order. BTW: Bitlocker by itself doesn't store > anything > in AD, unless you are deploying using Microsoft's MBAM. I'm afraid I don't get your point. The encryption key is randomly generated, and a backup copy stored somewhere of your choosing. So I guess it's no longer "random" when you copy it, because at that point you're sequentially copying data that has been predetermined, but it seems very nonsensical to say so... So unless you're just being pointlessly antagonistic, I guess I must have missed your point. _______________________________________________ Tech mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
