[wellylug] USB stick protection
Atom Smasher
atom at smasher.org
Sun Mar 29 13:55:15 NZDT 2009
On Sun, 29 Mar 2009, Cliff Pratt wrote:
> http://mareichelt.de/pub/texts.cryptoloop.php
>
> Though I'm not sure that TrueCrypt == truecrypt and whether the flaws
> are to be found in later versions of truecrypt > 4.1.
======================
first paragraph, last sentence: "Up-to-date versions of dm-crypt (with
LUKS) and truecrypt are also ok to use."
also: "Unfortunately truecrypt [versions prior to 4.1] is just another
broken device crypto implementation that uses good ciphers in insecure
way. Specially crafted static bit patterns are easily detectable through
that kind of bad crypto. Requirements: (1) used ciphers must have 128-bit
block size and (2) file system where bit patterns are stored must have 2K
or larger soft block size. Many popular linux file systems meet those
requirements."
the paper is about 5 years old.
--
...atom
________________________
http://atom.smasher.org/
762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
-------------------------------------------------
"These numbers have nothing to do with the technology of
the devices; they are the maximum that thermodynamics will
allow. and they strongly imply that brute-force attacks
against 256-bit keys will be infeasible until computers
are built from something other than matter and occupy
something other than space."
-- Bruce Schneier, Applied Cryptography
More information about the wellylug
mailing list