[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Maximum password length in single-key mode? And, FEATURE REQUEST: be able to use a single password in multi-key mode

To: debian@xxxxxxx
Subject: Re: Maximum password length in single-key mode? And, FEATURE REQUEST: be able to use a single password in multi-key mode
From: Jari Ruusu <jariruusu@xxxxxxxxxxxxxxxxxxxxx>
Date: Wed, 21 Apr 2004 17:07:20 +0300
Cc: "linux-crypto (E-mail)" <linux-crypto@xxxxxxxxxxxx>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-id: <linux-crypto.nl.linux.org>
List-owner: <mailto:riel@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-software: Ecartis version 1.0.0
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
References: <000501c426e5$da98a6a0$1ca3a8c0@chlaptop>
Sender: linux-crypto-bounce@xxxxxxxxxxxx

debian@xxxxxxx wrote:
> The loop-AES.README file mention that the minimum password length in
> single-key mode is 20 characters.
> 
> But, what is the maximum password length in single-key mode? Are there any
> other restrictions for the password?

Interactively typed passwords have a limit of 127 bytes. That 127 byte limit
comes from getpass() limit. If password is read from file descriptor (losetup
"-p 0" option), then it is limited by mlock()able RAM size only.

> If it is possible to have *very* long passwords (random data), then it would
> be nice to have the possiblity to split up the single-key password to be
> used as the keys in the same way as the keys in the multi-key mode is used.
> For example: assume that you have a 2048 characters password. Split this
> password in 64 equal sizes and you will have 64 different passwords each
> with the length of 32 characters. Then, you should be able to use these
> passwords in multi-key mode (if the loop-AES is patched to be able to work
> with this setup, of course...).

That would break backwards compatibility.

May I suggest that you put gpg encrypted key file in /etc/foo.gpg and use
that 2048 characters long passphrase to decrypt the key file.

Or are you "no stinking gpg on my box" person?

-- 
Jari Ruusu  1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9  DB 1D EB E3 24 0E A9 DD

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

Follow-Ups:
- RE: Maximum password length in single-key mode? And, FEATURE REQUEST: be able to use a single password in multi-key mode
  - From: debian

References:
- Maximum password length in single-key mode? And, FEATURE REQUEST: be able to use a single password in multi-key mode
  - From: debian

Prev by Date: Maximum password length in single-key mode? And, FEATURE REQUEST: be able to use a single password in multi-key mode
Next by Date: RE: Maximum password length in single-key mode? And, FEATURE REQUEST: be able to use a single password in multi-key mode
Previous by thread: Maximum password length in single-key mode? And, FEATURE REQUEST: be able to use a single password in multi-key mode
Next by thread: RE: Maximum password length in single-key mode? And, FEATURE REQUEST: be able to use a single password in multi-key mode
Index(es):
- Date
- Thread