From owner-linux-crypto@nl.linux.org Sun Jul  1 07:13:20 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16231AbRGAFMD>; Sun, 1 Jul 2001 07:12:03 +0200
Received: from nationalcontractors.com ([207.173.117.117]:32522 "EHLO
	nationalcontractors.com") by humbolt.nl.linux.org with ESMTP
	id <S16094AbRGAFLn>; Sun, 1 Jul 2001 07:11:43 +0200
Received: from w2kpro01 (ppp-206-170-209-122.lsan03.pacbell.net [206.170.209.122])
	by nationalcontractors.com (8.9.3/8.9.3) with SMTP id WAA40499
	for <linux-crypto@nl.linux.org>; Sat, 30 Jun 2001 22:15:48 -0700 (MST)
	(envelope-from stuart@bh90210.net)
Reply-To: <stuart@bh90210.net>
From:	"IT3 Stuart B. Tener, USNR-R" <stuart@bh90210.net>
To:	<linux-crypto@nl.linux.org>
Subject: Crypto Choices
Date:	Sat, 30 Jun 2001 22:11:10 -0700
Message-ID: <NBBBJHKIOKPKOGOEPEDPEEBEDLAA.stuart@bh90210.net>
MIME-Version: 1.0
Content-Type: multipart/mixed;
	boundary="----=_NextPart_000_0000_01C101B1.91B60970"
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
Importance: Normal
X-MS-TNEF-Correlator: <NBBBJHKIOKPKOGOEPEDPEEBEDLAA.stuart@bh90210.net>
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Disposition-Notification-To: "IT3 Stuart B. Tener, USNR-R" <stuart@bh90210.net>
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

This is a multi-part message in MIME format.

------=_NextPart_000_0000_01C101B1.91B60970
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit

Crypto users:

	I have decided (for the moment) to standardize on the Mandrake 8.0
distribution of Linux for my installation. I have also read much more about
the "International Patch" and its capabilities, and simply having an
encrypted filesystem is not enough for me now. While that is the first and
foremost issue I wish to tackle at the moment, I am interested in why some
people think the entire International Patch is garbage, and useless. I
am told it does work to some extent.

	In the Mandrake arena, does anyone know of a site which is keeping
patches and such going for Mandrake folks? Does anyone know what Mandrake's
position on supporting crypto will be in current and future releases (as
Debian is rumored to be supporting crypto now)?

	I have gotten a spare HD to use as a "development" HD for this
crypto project.

	I started by downloading the 2.4.5 source for Mandrake's kernel, and
am going to build it once I get the crypto filesystem stuff working
(rebuilding mount, umount, losetup, and loop.o currently).


Very Respectfully, 

Stuart Blake Tener, IT3, USNR-R, N3GWG 
VTU 1904G (Volunteer Training Unit) 
stuart@bh90210.net 
west coast: (310)-358-0202 P.O. Box 16043, Beverly Hills, CA 90209-2043 
east coast: (215)-338-6005 P.O. Box 45859, Philadelphia, PA 19149-5859 

Telecopier: (419)-715-6073 fax to email gateway via www.efax.com (it's
free!) 

JOIN THE US NAVY RESERVE, SERVE YOUR COUNTRY, AND BENEFIT FROM IT ALL. 

Saturday, June 30, 2001 10:06 PM


------=_NextPart_000_0000_01C101B1.91B60970
Content-Type: application/ms-tnef;
	name="winmail.dat"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
	filename="winmail.dat"


------=_NextPart_000_0000_01C101B1.91B60970--


Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

From owner-linux-crypto@nl.linux.org Fri Jul  6 21:28:29 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16904AbRGFT07>; Fri, 6 Jul 2001 21:26:59 +0200
Received: from pop.gmx.net ([194.221.183.20]:19308 "HELO mail.gmx.net")
	by humbolt.nl.linux.org with SMTP id <S16906AbRGFT0p>;
	Fri, 6 Jul 2001 21:26:45 +0200
Received: (qmail 28679 invoked by uid 0); 6 Jul 2001 19:26:42 -0000
Received: from p3ee33c38.dip.t-dialin.net (HELO host1) (62.227.60.56)
  by mail.gmx.net (mp007-rz3) with SMTP; 6 Jul 2001 19:26:42 -0000
Message-ID: <001701c10651$97453f60$0100005a@host1>
From:	"peter k." <spam-goes-to-dev-null@gmx.net>
To:	"Jari Ruusu" <jari.ruusu@pp.inet.fi>
Cc:	<linux-crypto@nl.linux.org>
References: <3B39D328.810C4CB3@pp.inet.fi>
Subject: Re: Announce loop-AES-v1.3b file crypto package
Date:	Fri, 6 Jul 2001 21:26:34 +0200
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4522.1200
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

> In short: If file crypto is all you need, this package is a hassle free
> replacement for international crypto patch.
>
> This package provides loadable Linux kernel module (loop.o) that has AES
> cipher built-in. The AES cipher can be used to encrypt local file systems
> and disk partitions. For more information about compiling and using the
> driver, see the README file in the package.
>
> Features:
> - No source modifications to kernel. No patch hassles when a new version of
>   kernel is released.
> - Works with 2.4, 2.2 and 2.0 kernels.
> - AES cipher is used in CBC mode. Supports 128, 192 and 256 bit keys.
> - Passwords hashed with SHA-256, SHA-384 or SHA-512.
> - 512 byte based IV. IV is immune to variations in transfer size and does
>   not depend on file system block size.

i saw that in the readme: "Password string has a minimum length of 20
characters."
aren't 10 byte passwords enough? i dont like having to learn 20 byte
passwords =(

and which encryption type do you suggest? AES, AES128, AES192 or AES256?






From owner-linux-crypto@nl.linux.org Sat Jul  7 03:25:08 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S17049AbRGGBXj>; Sat, 7 Jul 2001 03:23:39 +0200
Received: from alcove.wittsend.com ([130.205.0.20]:60038 "EHLO
	alcove.wittsend.com") by humbolt.nl.linux.org with ESMTP
	id <S17047AbRGGBXY>; Sat, 7 Jul 2001 03:23:24 +0200
Received: (from mhw@localhost)
	by alcove.wittsend.com (8.9.3/8.9.3) id VAA03587;
	Fri, 6 Jul 2001 21:23:12 -0400
Date:	Fri, 6 Jul 2001 21:23:12 -0400
From:	"Michael H. Warfield" <mhw@wittsend.com>
To:	"peter k." <spam-goes-to-dev-null@gmx.net>
Cc:	Jari Ruusu <jari.ruusu@pp.inet.fi>, linux-crypto@nl.linux.org
Subject: Re: Announce loop-AES-v1.3b file crypto package
Message-ID: <20010706212312.A3357@alcove.wittsend.com>
Mail-Followup-To: "peter k." <spam-goes-to-dev-null@gmx.net>,
	Jari Ruusu <jari.ruusu@pp.inet.fi>, linux-crypto@nl.linux.org
References: <3B39D328.810C4CB3@pp.inet.fi> <001701c10651$97453f60$0100005a@host1>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.3.2i
In-Reply-To: <001701c10651$97453f60$0100005a@host1>; from spam-goes-to-dev-null@gmx.net on Fri, Jul 06, 2001 at 09:26:34PM +0200
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

On Fri, Jul 06, 2001 at 09:26:34PM +0200, peter k. wrote:
> > In short: If file crypto is all you need, this package is a hassle free
> > replacement for international crypto patch.

> > This package provides loadable Linux kernel module (loop.o) that has AES
> > cipher built-in. The AES cipher can be used to encrypt local file systems
> > and disk partitions. For more information about compiling and using the
> > driver, see the README file in the package.

> > Features:
> > - No source modifications to kernel. No patch hassles when a new version of
> >   kernel is released.
> > - Works with 2.4, 2.2 and 2.0 kernels.
> > - AES cipher is used in CBC mode. Supports 128, 192 and 256 bit keys.
> > - Passwords hashed with SHA-256, SHA-384 or SHA-512.
> > - 512 byte based IV. IV is immune to variations in transfer size and does
> >   not depend on file system block size.

> i saw that in the readme: "Password string has a minimum length of 20
> characters."
> aren't 10 byte passwords enough? i dont like having to learn 20 byte
> passwords =(

	No, 10 byte passwords are NOT enough.  Given that they are
printable ascii characters and subject to a variety of other entropy
reducing issues, a password "byte" is probably only worth about 6
bits of entropy, maybe (probably) less.  That gives you only about
60 bits of strength against brute force.  Not enough...

	Rule of thumb...  (although all "rules of thumb" are bad since
they lead to guessable patterns.)  Pass WORD is bad.  Pass PHRASE is
better.  Make it several words with number substitutions and odd
punctuation.  Make at LEAST one word misspelled, especially if the
misspelling is one of the numbers.  (Example: Wizard -> W122@rd!).
The sillier (or obnoxious, or obscene) the better (easier to remember,
harder to guess).  Basic mnemonics.  You won't forget and
1t_wi11-b3=@.B1111t)H! t0 gu3ss..!  (it will be a bitch to guess) :-)

> and which encryption type do you suggest? AES, AES128, AES192 or AES256?



	Mike
-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw@WittsEnd.com
  (The Mad Wizard)      |  (678) 463-0932   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!



From owner-linux-crypto@nl.linux.org Sat Jul  7 03:43:24 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S17055AbRGGBlv>; Sat, 7 Jul 2001 03:41:51 +0200
Received: from pop.gmx.net ([194.221.183.20]:65054 "HELO mail.gmx.net")
	by humbolt.nl.linux.org with SMTP id <S17056AbRGGBli>;
	Sat, 7 Jul 2001 03:41:38 +0200
Received: (qmail 21174 invoked by uid 0); 7 Jul 2001 01:41:30 -0000
Received: from p3ee33f77.dip.t-dialin.net (HELO host1) (62.227.63.119)
  by mail.gmx.net (mail05) with SMTP; 7 Jul 2001 01:41:30 -0000
Message-ID: <001901c10685$f287fd20$0100005a@host1>
From:	"peter k." <spam-goes-to-dev-null@gmx.net>
To:	"Michael H. Warfield" <mhw@wittsend.com>
Cc:	"Jari Ruusu" <jari.ruusu@pp.inet.fi>, <linux-crypto@nl.linux.org>
References: <3B39D328.810C4CB3@pp.inet.fi> <001701c10651$97453f60$0100005a@host1> <20010706212312.A3357@alcove.wittsend.com>
Subject: Re: Announce loop-AES-v1.3b file crypto package
Date:	Sat, 7 Jul 2001 03:41:13 +0200
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4522.1200
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list


> > i saw that in the readme: "Password string has a minimum length of 20
> > characters."
> > aren't 10 byte passwords enough? i dont like having to learn 20 byte
> > passwords =(
>
> No, 10 byte passwords are NOT enough.  Given that they are
> printable ascii characters and subject to a variety of other entropy
> reducing issues, a password "byte" is probably only worth about 6
> bits of entropy, maybe (probably) less.  That gives you only about
> 60 bits of strength against brute force.  Not enough...
>
> Rule of thumb...  (although all "rules of thumb" are bad since
> they lead to guessable patterns.)  Pass WORD is bad.  Pass PHRASE is
> better.  Make it several words with number substitutions and odd
> punctuation.  Make at LEAST one word misspelled, especially if the
> misspelling is one of the numbers.  (Example: Wizard -> W122@rd!).
> The sillier (or obnoxious, or obscene) the better (easier to remember,
> harder to guess).  Basic mnemonics.  You won't forget and
> 1t_wi11-b3=@.B1111t)H! t0 gu3ss..!  (it will be a bitch to guess) :-)

well, im usually using passwords like "4wj8s06bj2" or "7e1t91436g", not any
english or whatever words!!
so if i would have to learn a 20 byte password in that format it would be
like "v1872cqad730lbsq53i8" or "0v7g25y0mp49n26yrntb" and learning that isnt
easy, is it? ;)





From owner-linux-crypto@nl.linux.org Sat Jul  7 04:05:18 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S17069AbRGGCDt>; Sat, 7 Jul 2001 04:03:49 +0200
Received: from alcove.wittsend.com ([130.205.0.20]:58247 "EHLO
	alcove.wittsend.com") by humbolt.nl.linux.org with ESMTP
	id <S17067AbRGGCDk>; Sat, 7 Jul 2001 04:03:40 +0200
Received: (from mhw@localhost)
	by alcove.wittsend.com (8.9.3/8.9.3) id WAA04228;
	Fri, 6 Jul 2001 22:03:32 -0400
Date:	Fri, 6 Jul 2001 22:03:32 -0400
From:	"Michael H. Warfield" <mhw@wittsend.com>
To:	"peter k." <spam-goes-to-dev-null@gmx.net>
Cc:	"Michael H. Warfield" <mhw@wittsend.com>,
	Jari Ruusu <jari.ruusu@pp.inet.fi>, linux-crypto@nl.linux.org
Subject: Re: Announce loop-AES-v1.3b file crypto package
Message-ID: <20010706220332.C3357@alcove.wittsend.com>
Mail-Followup-To: "peter k." <spam-goes-to-dev-null@gmx.net>,
	"Michael H. Warfield" <mhw@wittsend.com>,
	Jari Ruusu <jari.ruusu@pp.inet.fi>, linux-crypto@nl.linux.org
References: <3B39D328.810C4CB3@pp.inet.fi> <001701c10651$97453f60$0100005a@host1> <20010706212312.A3357@alcove.wittsend.com> <001901c10685$f287fd20$0100005a@host1>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.3.2i
In-Reply-To: <001901c10685$f287fd20$0100005a@host1>; from spam-goes-to-dev-null@gmx.net on Sat, Jul 07, 2001 at 03:41:13AM +0200
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

On Sat, Jul 07, 2001 at 03:41:13AM +0200, peter k. wrote:

> > > i saw that in the readme: "Password string has a minimum length of 20
> > > characters."
> > > aren't 10 byte passwords enough? i dont like having to learn 20 byte
> > > passwords =(

> > No, 10 byte passwords are NOT enough.  Given that they are
> > printable ascii characters and subject to a variety of other entropy
> > reducing issues, a password "byte" is probably only worth about 6
> > bits of entropy, maybe (probably) less.  That gives you only about
> > 60 bits of strength against brute force.  Not enough...

> > Rule of thumb...  (although all "rules of thumb" are bad since
> > they lead to guessable patterns.)  Pass WORD is bad.  Pass PHRASE is
> > better.  Make it several words with number substitutions and odd
> > punctuation.  Make at LEAST one word misspelled, especially if the
> > misspelling is one of the numbers.  (Example: Wizard -> W122@rd!).
> > The sillier (or obnoxious, or obscene) the better (easier to remember,
> > harder to guess).  Basic mnemonics.  You won't forget and
> > 1t_wi11-b3=@.B1111t)H! t0 gu3ss..!  (it will be a bitch to guess) :-)

> well, im usually using passwords like "4wj8s06bj2" or "7e1t91436g", not any
> english or whatever words!!
> so if i would have to learn a 20 byte password in that format it would be
> like "v1872cqad730lbsq53i8" or "0v7g25y0mp49n26yrntb" and learning that isnt
> easy, is it? ;)

	But that still doesn't buy you as much entropy as using a
longer passphrase that is mnemonic and easier to remember.  Even if
you ASSUME that you can use totally random characters, that only
approaches 7 bits per character (but can never reach it) and is
still less than the strength of a well formed 20 character mnemonic
pass phrase that's easier to remember.

	BTW...  Count yourself LUCKY!  The $#@$#@$#@ ppdd encryption
package requires TWO 24-character passphrases!  That package has some
major advantages over the loopback packages like this, because it
encrypts a "session key" (a random key that you don't really control)
which allows for a "master key" and a "working key", each of which can
decrypt the session key that unlocks the drive.  Another advantage to
that package is encrypting the root drive (anyone work out how to do
that with this package?).

	Now...  Note...  That's two 24-character passphrases for EACH
master key and each working key.  You have to enter BOTH passphrases
of either the master key or the working key to unlock the drive.

	I'm looking at taking advantage of the two passphrase system
to generate a boot CD with one passphrase and a "smart card" with the
other passphrase, requiring that you have both to boot the system or
even access the root file system (the PIN on the smart card makes it
even tougher to bust even with the exposed passphrase on the CD).

	The MAJOR disadvantages to his system are some pedantic requirements
on block sizes, restriction to ext2(3) and major problems with the 2.4.x
kernels.

	Mike
-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw@WittsEnd.com
  (The Mad Wizard)      |  (678) 463-0932   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!
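
The per-character arithmetic argued over in the replies above, worked through as an added example (not part of any list message, and not code from loop-AES or ppdd). It assumes every character is chosen uniformly and independently, so each figure is a ceiling that human-chosen strings fall below; the class table and function names are this example's own.

```python
import math
import string

# Character classes a typed password can draw on; together they are the
# 95 printable ASCII characters (space is counted with the punctuation).
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digit": string.digits,
    "punct": string.punctuation + " ",
}

# Key sizes listed in the loop-AES announcement quoted in the thread.
AES_KEY_BITS = (128, 192, 256)

# Passwords quoted in the thread (all lowercase letters and digits).
THREAD_SAMPLES = [
    "4wj8s06bj2",
    "7e1t91436g",
    "v1872cqad730lbsq53i8",
    "0v7g25y0mp49n26yrntb",
]


def alphabet_size(password):
    """Size of the union of the character classes the password uses."""
    used = set()
    for ch in password:
        for name, chars in CLASSES.items():
            if ch in chars:
                used.add(name)
                break
        else:
            # Control characters and non-ASCII input are outside this model.
            raise ValueError("not printable ASCII: %r" % ch)
    return sum(len(CLASSES[name]) for name in used)


def max_entropy_bits(password):
    """Upper bound on entropy: length * log2(alphabet size)."""
    if not password:
        return 0.0
    return len(password) * math.log2(alphabet_size(password))


def chars_needed(key_bits, alphabet):
    """Random characters from `alphabet` symbols needed to reach key_bits."""
    return math.ceil(key_bits / math.log2(alphabet))


def keys_covered(password):
    """AES key sizes whose bit length the password's upper bound reaches."""
    bits = max_entropy_bits(password)
    return [k for k in AES_KEY_BITS if bits >= k]


if __name__ == "__main__":
    for pw in THREAD_SAMPLES:
        print("%-22s len=%2d alphabet=%2d  <= %6.1f bits  covers %s" % (
            pw, len(pw), alphabet_size(pw), max_entropy_bits(pw),
            keys_covered(pw) or "no AES key size"))
    # 36 = [a-z0-9], 64 = the "about 6 bits" estimate, 95 = printable ASCII
    for alphabet in (36, 64, 95):
        print("alphabet %2d (%.2f bits/char): %s" % (
            alphabet, math.log2(alphabet),
            ", ".join("%d chars for %d-bit" % (chars_needed(k, alphabet), k)
                      for k in AES_KEY_BITS)))
```
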



From owner-linux-crypto@nl.linux.org Sat Jul  7 04:54:21 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S17078AbRGGCww>; Sat, 7 Jul 2001 04:52:52 +0200
Received: from mail.win.co.nz ([210.55.230.193]:12549 "EHLO mail.win.co.nz")
	by humbolt.nl.linux.org with ESMTP id <S17074AbRGGCwe>;
	Sat, 7 Jul 2001 04:52:34 +0200
Received: from work (unknown [210.55.104.94])
	by mail.win.co.nz (Postfix) with ESMTP id D3AB85382B7
	for <linux-crypto@nl.linux.org>; Sat,  7 Jul 2001 14:52:15 +1200 (NZST)
Subject: Re: Crypto Choices
From:	Adam Warner <lists@consulting.net.nz>
To:	linux-crypto@nl.linux.org
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
X-Mailer: Evolution/0.10.99 (Preview Release)
Date:	07 Jul 2001 14:53:19 +1200
Message-Id: <994474399.3799.3.camel@work>
Mime-Version: 1.0
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list


Hi Stuart,

Just joined the list so inline responding is difficult.

You wrote:

	I have decided (for the moment) to standardize on the Mandrake 8.0
distribution of Linux for my installation. I have also read much more
about the "International Patch" and its capabilities, and simply having
an encrypted filesystem is not enough for me now. While that is the
first and foremost issue I wish to tackle at the moment, I am interested
in why some people think the entire International Patch is garbage,
and useless. I am told it does work to some extent.

I reply:

It is not garbage and useless. My advice would be to encrypt a separate
partition. Then you don't have to worry about the underlying filesystem
(because there won't be any).

You wrote:

	In the Mandrake arena, does anyone know of a site which is keeping
patches and such going for Mandrake folks? Does anyone know what
Mandrake's position on supporting crypto will be in current and future
releases (as Debian is rumored to be supporting crypto now)?

I reply:

It's pretty much irrelevant. You're the one who has to patch the kernel
and do whatever else is necessary as set out here:

http://encryptionhowto.sourceforge.net/Encryption-HOWTO.html

You may want to consider the overall security of your distribution of
choice though. I trust Debian or Redhat to provide security patches in a
timely manner.

>I have gotten a spare HD to use as a "development" HD for this crypto project.

Good. Then it will be easy to create a spare partition for testing.


You wrote:

I started by downloading the 2.4.5 source for Mandrake's kernel, and
am going to build it once I get the crypto filesystem stuff working
(rebuilding mount, umount, losetup, and loop.o currently).


I reply:

First mistake. You want to start with the "official" Linus kernel source
available from here:

http://www.kernel.org/pub/linux/kernel/v2.4/

And then patch the kernel using the patch available from here:

http://www.kernel.org/pub/linux/kernel/crypto/v2.4/

See my next post. I'm sure someone will be able to help with the
resulting patching failure.

Regards,
Adam




From owner-linux-crypto@nl.linux.org Sat Jul  7 05:16:21 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S17083AbRGGDOn>; Sat, 7 Jul 2001 05:14:43 +0200
Received: from mail.win.co.nz ([210.55.230.193]:52485 "EHLO mail.win.co.nz")
	by humbolt.nl.linux.org with ESMTP id <S17081AbRGGDOU>;
	Sat, 7 Jul 2001 05:14:20 +0200
Received: from work (unknown [210.55.104.94])
	by mail.win.co.nz (Postfix) with ESMTP id 6AEAA53827E
	for <linux-crypto@nl.linux.org>; Sat,  7 Jul 2001 15:14:04 +1200 (NZST)
Subject: Patching 2.4.6--help fixing 1 hunk that failed
From:	Adam Warner <lists@consulting.net.nz>
To:	linux-crypto@nl.linux.org
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
X-Mailer: Evolution/0.10.99 (Preview Release)
Date:	07 Jul 2001 15:15:07 +1200
Message-Id: <994475708.3662.4.camel@work>
Mime-Version: 1.0
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

Hi all,

While I'm new to the list I'm aware of the archive and discussions. I
don't need friendly advice that I should be using Jari's loopAES :-)

OK, when I try and patch 2.4.6 with the international patch 2.4.3.1 I
get this reject:

patch -p1 -s < patch-int-2.4.3.1
1 out of 3 hunks FAILED -- saving rejects to file Makefile.rej

(-s is silent unless there is a reject. A very useful option that only
shows when there are patching problems)

The contents of Makefile.rej are:

***************
*** 118,130 ****
  
  CORE_FILES	=kernel/kernel.o mm/mm.o fs/fs.o ipc/ipc.o
  NETWORKS	=net/network.o
  DRIVERS		=drivers/block/block.o \
  		 drivers/char/char.o \
  		 drivers/misc/misc.o \
  		 drivers/net/net.o \
  		 drivers/media/media.o
  LIBS		=$(TOPDIR)/lib/lib.a
- SUBDIRS		=kernel drivers mm fs net ipc lib
  
  DRIVERS-n :=
  DRIVERS-y :=
--- 118,131 ----
  
  CORE_FILES	=kernel/kernel.o mm/mm.o fs/fs.o ipc/ipc.o
  NETWORKS	=net/network.o
+ CRYPTO		=crypto/crypto.o
  DRIVERS		=drivers/block/block.o \
  		 drivers/char/char.o \
  		 drivers/misc/misc.o \
  		 drivers/net/net.o \
  		 drivers/media/media.o
  LIBS		=$(TOPDIR)/lib/lib.a
+ SUBDIRS		=kernel drivers mm fs net ipc lib crypto
  
  DRIVERS-n :=
  DRIVERS-y :=
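
Review bot: the context in this hunk (old lines 118-130) expects the `DRIVERS =drivers/block/block.o \` block to sit between NETWORKS and LIBS, and the 2.4.6 Makefile shown further down in this message no longer has it there, so patch finds no match. Only two lines actually change: `CRYPTO =crypto/crypto.o` is added after NETWORKS and `crypto` is appended to SUBDIRS. Regenerate the hunk against the 2.4.6 Makefile with context taken from the NETWORKS, LIBS and SUBDIRS lines, and confirm that the new CRYPTO variable is referenced by one of the other hunks, since nothing in this one uses it.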


--------------------------------------------------------

Now I know little about fixing patch rejects. So any newbie advice would
be appreciated. It appears the Makefile cannot be successfully patched. 

Here's the relevant section of the Makefile:


CORE_FILES	=kernel/kernel.o mm/mm.o fs/fs.o ipc/ipc.o
NETWORKS	=net/network.o

LIBS		=$(TOPDIR)/lib/lib.a
SUBDIRS		=kernel drivers mm fs net ipc lib

DRIVERS-n :=
DRIVERS-y :=
DRIVERS-m :=
DRIVERS-  :=

DRIVERS-$(CONFIG_ACPI) += drivers/acpi/acpi.o
DRIVERS-$(CONFIG_PARPORT) += drivers/parport/driver.o
DRIVERS-y += drivers/char/char.o \
	drivers/block/block.o \
	drivers/misc/misc.o \
	drivers/net/net.o \
	drivers/media/media.o


-----------------------------

Does this mean the patch failed because someone decided to move the
DRIVERS section?

If we fix this should we send the fix to Alexander Kjeldaas so he can
upload a new 2.4.6 patch without rejects to here:

http://www.kernel.org/pub/linux/kernel/crypto/v2.4/

What form would such a submission take? Would we send the
complete fixed Makefile or a patch for the official 2.4.6 Makefile?

Many thanks,
Adam




From owner-linux-crypto@nl.linux.org Sat Jul  7 09:30:31 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S17165AbRGGH25>; Sat, 7 Jul 2001 09:28:57 +0200
Received: from nationalcontractors.com ([207.173.117.117]:13060 "EHLO
	nationalcontractors.com") by humbolt.nl.linux.org with ESMTP
	id <S17162AbRGGH2j>; Sat, 7 Jul 2001 09:28:39 +0200
Received: from w2kpro01 (ppp-206-170-209-11.lsan03.pacbell.net [206.170.209.11])
	by nationalcontractors.com (8.9.3/8.9.3) with SMTP id AAA06622
	for <linux-crypto@nl.linux.org>; Sat, 7 Jul 2001 00:33:00 -0700 (MST)
	(envelope-from stuart@bh90210.net)
Reply-To: <stuart@bh90210.net>
From:	"IT3 Stuart B. Tener, USNR-R" <stuart@bh90210.net>
To:	<linux-crypto@nl.linux.org>
Subject: RE: Crypto Choices
Date:	Sat, 7 Jul 2001 00:28:23 -0700
Message-ID: <NBBBJHKIOKPKOGOEPEDPCECIDLAA.stuart@bh90210.net>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
Importance: Normal
In-Reply-To: <994474399.3799.3.camel@work>
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Disposition-Notification-To: "IT3 Stuart B. Tener, USNR-R" <stuart@bh90210.net>
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

Dear Sir:

1) I just downloaded/compiled/installed the 2.4.6 kernel from
(http://www.kernel.org/pub/linux/kernel/v2.4/); I am standardizing on using
the kernel.org kernel distributions from this day forward, no matter what
distribution of Linux I use
2) I am going to grab the crypto patches from
(http://www.kernel.org/pub/linux/kernel/crypto/v2.4/); and install them
later tonight
3) I will download and read
http://encryptionhowto.sourceforge.net/Encryption-HOWTO.html

You referred to using a raw partition, perhaps I am not articulating my
ideas properly, or worse not understanding your response due to my own
technical lack with regard to the crypto stuff (I am a "crypto" newbie, but
do have 15 years of Unix Admin experience).

	Normally a raw partition would have a filesystem placed on it, my initial
presumptions were you then place encryption on the filesystem, and I have
now learned that after adding encryption a filesystem must be laid down
again, thus adding a second layer of filesystem. I do not see the need for
this, and have been advised that it is better to encrypt a raw partition,
and then place a filesystem on top of the encrypted raw partition. Do I
understand you correctly? Presuming what I understand is what you were
recommending; do you see any problem with the filesystem that is going to
overlay the encryption being a ReiserFS filesystem?

	If I understand all that you are saying with regard to the above; then I am
presuming all I must do is wait for a resolution to the issues with in
pursuit of patching 2.4.6, and I will be on my way.

	One person spoke in an email previously of using a smartcard and a pass
phrase. I would like to expand on that a bit, and ask if anyone has thought
of or tried using one of these USB or parallel port "eeprom" devices, which
allows you to read it using a password. I have two USB ports on my laptop,
and think that using two USB "keys" would be a nice way to avoid typing, and
have a healthy level of security (or one USB key and one smartcard, etc.)

Understanding I have not yet looked at the source to the International
Patches, I wonder how difficult it would be to have a "single location" to add
code to pass a key read from a smart card or other device to the rest of the
International Patch (or its entire API) for use whenever it needed the key.

	Predicated upon such a technology, we might even be able to integrate into
the kernel a methodology of checking for a smart card's presence in general,
thus taking an action (locking the keyboard, blanking the video display,
hibernating the entire machine, etc.) upon detection that the user had
removed the smart card, or USB device from the computer. Imagine, you are
using the computer, you're done, so you just pull your smart card or USB key
out of its location, and the computer hibernates, shuts down, or just locks
the keyboard and blanks the screen automatically!

	I am a laptop user, and currently do not have a manner to read smart cards
on my laptop. Although, if I did have a manner to read smart cards on my
laptop, it would be cool, since I am eventually going to get issued a smart
card ID badge from the US Department of Defense ("US DOD") anyway (I am a
Navy Reservist). That would make a wonderful key, as no one worldwide ought
have the same information on it as me, as part of the information is medical
history. I was told at one point, that the US DOD had chosen some sort of
non-standard standard (it is a government standard, but not industry
standard as I understand) to use with their smartcards. Is this true? Can an
industry standard smartcard reader read a US DOD smartcard? Is it possible
that if a US DOD smartcard was placed in an industry standard smartcard
reader, that it would read the card dependably although never in an
unencrypted manner, thus a user could use the encrypted data read as a key
as well?

	Presuming for the sake of argument that I had a "SecureID" token (one with
the changing numbers on it), is there a way to use it as a key for the
crypto package?


Very Respectfully,

Stuart Blake Tener, IT3, USNR-R, N3GWG
VTU 1904G (Volunteer Training Unit)
stuart@bh90210.net
west coast: (310)-358-0202 P.O. Box 16043, Beverly Hills, CA 90209-2043
east coast: (215)-338-6005 P.O. Box 45859, Philadelphia, PA 19149-5859

Telecopier: (419)-715-6073 fax to email gateway via www.efax.com (it's
free!)

JOIN THE US NAVY RESERVE, SERVE YOUR COUNTRY, AND BENEFIT FROM IT ALL.

Friday, July 06, 2001 11:30 PM

-----Original Message-----
From: owner-linux-crypto@nl.linux.org
[mailto:owner-linux-crypto@nl.linux.org]On Behalf Of Adam Warner
Sent: Friday, July 06, 2001 7:53 PM
To: linux-crypto@nl.linux.org
Subject: Re: Crypto Choices


Hi Stuart,

Just joined the list so inline responding is difficult.

You wrote:

        I have decided (for the moment) to standardize on the Mandrake 8.0
distribution of Linux for my installation. I have also read much more
about the "International Patch" and its capabilities, and simply having
an encrypted filesystem is not enough for me now. While that is the
first and foremost issue I wish to tackle at the moment, I am interested
in why some people think the entire International Patch is garbage,
and useless. I am told it does work to some extent.

I reply:

It is not garbage and useless. My advice would be to encrypt a separate
partition. Then you don't have to worry about the underlying filesystem
(because there won't be any).

You wrote:

        In the Mandrake arena, does anyone know of a site which is keeping
patches and such going for Mandrake folks? Does anyone know what
Mandrakes position on supporting crypto will be in current and future
releases (as Debian is rumored to be supporting crypto now).

I reply:

It's pretty much irrelevant. You're the one who has to patch the kernel
and do whatever else is necessary as set out here:

http://encryptionhowto.sourceforge.net/Encryption-HOWTO.html

You may want to consider the overall security of your distribution of
choice though. I trust Debian or Redhat to provide security patches in a
timely manner.

>I have gotten a spare HD to use as a "development" HD for this crypto
project.

Good. Then it will be easy to create a spare partition for testing.


You wrote:

I started by downloading the 2.4.5 source for Mandrake's kernel, and
am going to build it once I get the crypto filesystem stuff working
(rebuilding mount, umount, losetup, and loop.o currently).


I reply:

First mistake. You want to start with the "official" Linus kernel source
available from here:

http://www.kernel.org/pub/linux/kernel/v2.4/

And then patch the kernel using the patch available from here:

http://www.kernel.org/pub/linux/kernel/crypto/v2.4/

See my next post. I'm sure someone will be able to help with the
resulting patching failure.

Regards,
Adam




From owner-linux-crypto@nl.linux.org Sat Jul  7 09:40:33 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16262AbRGGHjF>; Sat, 7 Jul 2001 09:39:05 +0200
Received: from juicer38.bigpond.com ([139.134.6.95]:3316 "EHLO
	mailin7.bigpond.com") by humbolt.nl.linux.org with ESMTP
	id <S16096AbRGGHit>; Sat, 7 Jul 2001 09:38:49 +0200
Received: from rockhopper.fn.com.au ([144.135.24.72]) by
          mailin7.bigpond.com (Netscape Messaging Server 4.15) with SMTP
          id GG3EU500.20V; Sat, 7 Jul 2001 17:44:29 +1000 
Received: from CPE-144-132-178-189.nsw.bigpond.net.au ([144.132.178.189]) by bwmam02.mailsvc.email.bigpond.com(MailRouter V2.9g 8317/9472677); 07 Jul 2001 17:44:29
Received: from chinstrap.fn.com.au (IDENT:root@chinstrap.fn.com.au [129.78.97.135])
	by rockhopper.fn.com.au (8.9.3/8.9.3) with ESMTP id RAA18064;
	Sat, 7 Jul 2001 17:38:42 +1000
Received: (from srn@localhost)
	by chinstrap.fn.com.au (8.11.2/8.11.2) id f677hSZ02304;
	Sat, 7 Jul 2001 17:43:28 +1000
Date:	Sat, 7 Jul 2001 17:43:28 +1000
From:	Stephen Robert Norris <srn@fn.com.au>
To:	"peter k." <spam-goes-to-dev-null@gmx.net>,
	"Michael H. Warfield" <mhw@wittsend.com>,
	Jari Ruusu <jari.ruusu@pp.inet.fi>, linux-crypto@nl.linux.org
Subject: Re: Announce loop-AES-v1.3b file crypto package
Message-ID: <20010707174328.C1225@chinstrap.nsw.bigpond.net.au>
Reply-To: srn@fn.com.au
References: <3B39D328.810C4CB3@pp.inet.fi> <001701c10651$97453f60$0100005a@host1> <20010706212312.A3357@alcove.wittsend.com> <001901c10685$f287fd20$0100005a@host1> <20010706220332.C3357@alcove.wittsend.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="7ZAtKRhVyVSsbBD2"
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <20010706220332.C3357@alcove.wittsend.com>; from mhw@wittsend.com on Fri, Jul 06, 2001 at 10:03:32PM -0400
Organisation: Farrow Norris Pty Ltd
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list


--7ZAtKRhVyVSsbBD2
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Jul 06, 2001 at 10:03:32PM -0400, Michael H. Warfield wrote:
> On Sat, Jul 07, 2001 at 03:41:13AM +0200, peter k. wrote:
> 
> > > > i saw that in the readme: "Password string has a minimum length of 20
> > > > characters."
> > > > aren't 10 byte passwords enough? i dont like having to learn 20 byte
> > > > passwords =(
> 
> > > No, 10 byte passwords are NOT enough.  Given that they are
> > > printable ascii characters and subject to a variety of other entropy
> > > reducing issues, a password "byte" is probably only worth about 6
> > > bits of entropy, maybe (probably) less.  That gives you only about
> > > 60 bits of strength against brute force.  Not enough...
> 
> > > Rule of thumb...  (although all "rules of thumb are bad since
> > > they lead to guessable patterns.)  Pass WORD is bad.  Pass PHRASE is
> > > better.  Make it several words with number substitutions and odd
> > > punctuation.  Make at LEAST one word misspelled, especially if the
> > > misspelling is one of the numbers.  (Example: Wizard -> W122@rd!).
> > > The sillier (or obnoxious, or obscene) the better (easier to remember,
> > > harder to guess).  Basic mnemonics.  You won't forget and
> > > 1t_wi11-b3=@.B1111t)H! t0 gu3ss..!  (it will be a bitch to guess) :-)
> 
> > well, im usually using passwords like "4wj8s06bj2" or "7e1t91436g", not any
> > english or whatever words!!
> > so if i would have to learn a 20 byte password in that format it would be
> > like "v1872cqad730lbsq53i8" or "0v7g25y0mp49n26yrntb" and learning that isnt
> > easy, is it? ;)
> 
> 	But that still doesn't buy you as much entropy as using a
> longer passphrase that is mnemonic and easier to remember.  Even if
> you ASSUME that you can use totally random characters, that only
> approaches 7 bits per character (but can never reach it) and is
> still less than the strength of a well formed 20 character mnemonic
> pass phrase that's easier to remember.

Is this really true? According to Schneier's book, English text has
about 1.5 bits of entropy/letter - a random password has about 6,
so your passphrase will have to be a good deal longer, even with mis-spelt
words...

Mind you, I always use pass phrases when I can - but I whack in random
digits & punctuation to keep it interesting...

	Stephen
-- 
Stephen Norris	  srn@fn.com.au
Farrow Norris Pty Ltd	+61 417 243 239

--7ZAtKRhVyVSsbBD2
Content-Type: application/pgp-signature
Content-Disposition: inline


--7ZAtKRhVyVSsbBD2--


From owner-linux-crypto@nl.linux.org Sat Jul  7 10:51:19 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S17179AbRGGItt>; Sat, 7 Jul 2001 10:49:49 +0200
Received: from alcove.wittsend.com ([130.205.0.20]:51086 "EHLO
	alcove.wittsend.com") by humbolt.nl.linux.org with ESMTP
	id <S17177AbRGGItb>; Sat, 7 Jul 2001 10:49:31 +0200
Received: (from mhw@localhost)
	by alcove.wittsend.com (8.9.3/8.9.3) id EAA11755;
	Sat, 7 Jul 2001 04:48:56 -0400
Date:	Sat, 7 Jul 2001 04:48:56 -0400
From:	"Michael H. Warfield" <mhw@wittsend.com>
To:	Stephen Robert Norris <srn@fn.com.au>
Cc:	"peter k." <spam-goes-to-dev-null@gmx.net>,
	"Michael H. Warfield" <mhw@wittsend.com>,
	Jari Ruusu <jari.ruusu@pp.inet.fi>, linux-crypto@nl.linux.org
Subject: Re: Announce loop-AES-v1.3b file crypto package
Message-ID: <20010707044856.B7726@alcove.wittsend.com>
Mail-Followup-To: Stephen Robert Norris <srn@fn.com.au>,
	"peter k." <spam-goes-to-dev-null@gmx.net>,
	"Michael H. Warfield" <mhw@wittsend.com>,
	Jari Ruusu <jari.ruusu@pp.inet.fi>, linux-crypto@nl.linux.org
References: <3B39D328.810C4CB3@pp.inet.fi> <001701c10651$97453f60$0100005a@host1> <20010706212312.A3357@alcove.wittsend.com> <001901c10685$f287fd20$0100005a@host1> <20010706220332.C3357@alcove.wittsend.com> <20010707174328.C1225@chinstrap.nsw.bigpond.net.au>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.3.2i
In-Reply-To: <20010707174328.C1225@chinstrap.nsw.bigpond.net.au>; from srn@fn.com.au on Sat, Jul 07, 2001 at 05:43:28PM +1000
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

On Sat, Jul 07, 2001 at 05:43:28PM +1000, Stephen Robert Norris wrote:
> On Fri, Jul 06, 2001 at 10:03:32PM -0400, Michael H. Warfield wrote:
> > On Sat, Jul 07, 2001 at 03:41:13AM +0200, peter k. wrote:
> > 
> > > > > i saw that in the readme: "Password string has a minimum length of 20
> > > > > characters."
> > > > > aren't 10 byte passwords enough? i dont like having to learn 20 byte
> > > > > passwords =(
> > 
> > > > No, 10 byte passwords are NOT enough.  Given that they are
> > > > printable ascii characters and subject to a variety of other entropy
> > > > reducing issues, a password "byte" is probably only worth about 6
> > > > bits of entropy, maybe (probably) less.  That gives you only about
> > > > 60 bits of strength against brute force.  Not enough...
> > 
> > > > Rule of thumb...  (although all "rules of thumb are bad since
> > > > they lead to guessable patterns.)  Pass WORD is bad.  Pass PHRASE is
> > > > better.  Make it several words with number substitutions and odd
> > > > punctuation.  Make at LEAST one word misspelled, especially if the
> > > > misspelling is one of the numbers.  (Example: Wizard -> W122@rd!).
> > > > The sillier (or obnoxious, or obscene) the better (easier to remember,
> > > > harder to guess).  Basic mnemonics.  You won't forget and
> > > > 1t_wi11-b3=@.B1111t)H! t0 gu3ss..!  (it will be a bitch to guess) :-)
> > 
> > > well, im usually using passwords like "4wj8s06bj2" or "7e1t91436g", not any
> > > english or whatever words!!
> > > so if i would have to learn a 20 byte password in that format it would be
> > > like "v1872cqad730lbsq53i8" or "0v7g25y0mp49n26yrntb" and learning that isnt
> > > easy, is it? ;)
> > 
> > 	But that still doesn't buy you as much entropy as using a
> > longer passphrase that is mnemonic and easier to remember.  Even if
> > you ASSUME that you can use totally random characters, that only
> > approaches 7 bits per character (but can never reach it) and is
> > still less than the strength of a well formed 20 character mnemonic
> > pass phrase that's easier to remember.

> Is this really true? According to Schneier's book, English text has
> about 1.5 bits of entropy/letter - a random password has about 6,
> so your passphrase will have to be a good deal longer, even with mis-spelt
> words...

	Read carefully what I said.  I said that "even if you ASSUME
that you can use totally random characters, that only approaches
7 bits".  That means that it never reaches it.  If you disallow all
control characters, you lose another "1/2 bit" and a little white
space, a few fragments more.  If you were to ASSUME totally random
printing characters, then you end up with something slightly less than
96 characters (95) which is about half way between 6 bits and 7 bits.
You CAN (in some cases) use control characters in passphrases but not
in all cases (^A, ^B - probably, ^S, ^Q - I think not :-) ), so that
only helps a little and gets you a little closer (approaches) to 7.
The real point is that it's a BAD ASSUMPTION and you can never really
reach 7 bits, so 6 is more realistic (and is why that's what I used
in my first message).

> Mind you, I always use pass phrases when I can - but I whack in random
> digits & punctuation to keep it interesting...

	Second part of the statement "is still less than the strength
of a 20 character mnemonic pass phrase" you have to go back to my
earlier message.  I also said to use misspelling and odd numbers and
punctuation, so that's not "English text".  So it sounds like we are
in strong agreement here.  So what's the "Is this really true" question?

> 	Stephen
> -- 
> Stephen Norris	  srn@fn.com.au
> Farrow Norris Pty Ltd	+61 417 243 239

	Mike
-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw@WittsEnd.com
  (The Mad Wizard)      |  (678) 463-0932   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!
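
The per-character figures argued over in this thread, worked through as an added example (not code from any poster or from loop-AES). The pool-based figure assumes every character is drawn uniformly at random, so it is only an upper bound; the 1.5 bits/letter rate is the one cited from Schneier in the thread, and the guess rate passed to expected_years() is an assumed value.

```python
import math
import string

# Character pools. Together they make up the 95 printable ASCII characters
# mentioned in the thread: 26 + 26 + 10 + 32 punctuation + space.
POOLS = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digit": string.digits,
    "punct": string.punctuation,
    "space": " ",
}

ENGLISH_BITS_PER_LETTER = 1.5        # rate quoted in the thread
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def bits_per_char(pool_size):
    """Entropy of one character drawn uniformly from pool_size symbols."""
    return math.log2(pool_size)


def alphabet_size(sample):
    """Size of the union of pools needed to cover every character in sample."""
    for ch in sample:
        if not any(ch in pool for pool in POOLS.values()):
            raise ValueError("character outside printable ASCII: %r" % ch)
    return sum(len(pool) for pool in POOLS.values()
               if any(ch in pool for ch in sample))


def upper_bound_bits(sample):
    """Strength if (and only if) each character was chosen at random."""
    if not sample:
        return 0.0
    return len(sample) * bits_per_char(alphabet_size(sample))


def estimate_range(sample):
    """(low, high): plain-English rate versus the random-pool upper bound.

    A mnemonic phrase with substitutions sits somewhere between the two,
    which is exactly the disagreement in the thread.
    """
    return len(sample) * ENGLISH_BITS_PER_LETTER, upper_bound_bits(sample)


def min_length(target_bits, rate):
    """Characters needed to reach target_bits at `rate` bits per character."""
    return math.ceil(target_bits / rate)


def expected_years(bits, guesses_per_second):
    """Expected exhaustive-search time: half the keyspace on average."""
    return 2 ** (bits - 1) / guesses_per_second / SECONDS_PER_YEAR


if __name__ == "__main__":
    # Sample strings are the ones quoted in the thread.
    for s in ("4wj8s06bj2", "v1872cqad730lbsq53i8",
              "1t_wi11-b3=@.B1111t)H! t0 gu3ss..!"):
        low, high = estimate_range(s)
        print("%-36r pool=%2d  %5.1f .. %5.1f bits"
              % (s, alphabet_size(s), low, high))
    for label, rate in (("English text", ENGLISH_BITS_PER_LETTER),
                        ("lowercase+digits", bits_per_char(36)),
                        ("rule-of-thumb 6 bits", 6.0),
                        ("95 printable", bits_per_char(95))):
        print("%-22s %2d chars for 60 bits, %2d for 128 bits"
              % (label, min_length(60, rate), min_length(128, rate)))
    # 1e9 guesses per second is an assumed rate, for scale only.
    print("60 bits at 1e9 guesses/s: %.1f years" % expected_years(60, 1e9))
```
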



From owner-linux-crypto@nl.linux.org Sat Jul  7 11:45:45 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S17170AbRGGJoZ>; Sat, 7 Jul 2001 11:44:25 +0200
Received: from cm.med.3284844210.kabelnet.net ([195.202.190.178]:21778 "EHLO
	phobos.hvrlab.org") by humbolt.nl.linux.org with ESMTP
	id <S16321AbRGGJoF>; Sat, 7 Jul 2001 11:44:05 +0200
Received: from janus.txd.hvrlab.org (IDENT:hvr@janus.txd.hvrlab.org [10.51.1.5])
	by phobos.hvrlab.org (8.9.3/8.9.3) with ESMTP id LAA16983;
	Sat, 7 Jul 2001 11:44:01 +0200
Date:	Sat, 7 Jul 2001 11:44:00 +0200 (CEST)
From:	Herbert Valerio Riedel <hvr@hvrlab.org>
X-X-Sender:  <hvr@janus.txd.hvrlab.org>
To:	Adam Warner <lists@consulting.net.nz>
cc:	<linux-crypto@nl.linux.org>
Subject: Re: Patching 2.4.6--help fixing 1 hunk that failed
In-Reply-To: <994475708.3662.4.camel@work>
Message-ID: <Pine.LNX.4.33.0107071133260.22033-100000@janus.txd.hvrlab.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list


well, I've cleaned up the 2.4.3.1, it should apply cleanly to a vanilla
2.4.6 linux kernel, I've put up the patch as patch-int-2.4.6.{bz2,gz} to

http://www.hvrlab.org/pub/crypto/

I've also taken the time to make a maintenance release of the cryptoapi
re-packagement of the international crypto patch (and includes some
small cleanups still to be merged into the patch-version)

known problems with the international crypto patch on 2.4.x:

*) non-reentrant --> don't use it on SMP (unless you can enforce
non-parallel execution of the transfer functions)
if you want to do some work on it, please go ahead; I can tell you where
you should begin to look at...

*) transfer block size dependent IV size (there is a fix for this one in
the cryptoapi re-package, see the included README file for more about it)

I hope alexander is still around... :-/

regards,
-- 
Herbert Valerio Riedel       /    Phone: (EUROPE) +43-1-58801-18840
Email: hvr@hvrlab.org       /    Finger hvr@gnu.org for GnuPG Public Key
GnuPG Key Fingerprint: 7BB9 2D6C D485 CE64 4748  5F65 4981 E064 883F 4142



From owner-linux-crypto@nl.linux.org Sat Jul  7 12:05:03 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S17181AbRGGKEF>; Sat, 7 Jul 2001 12:04:05 +0200
Received: from mail.win.co.nz ([210.55.230.193]:36618 "EHLO mail.win.co.nz")
	by humbolt.nl.linux.org with ESMTP id <S17180AbRGGKDq>;
	Sat, 7 Jul 2001 12:03:46 +0200
Received: from work (unknown [210.55.104.94])
	by mail.win.co.nz (Postfix) with ESMTP id D46B25380BE
	for <linux-crypto@nl.linux.org>; Sat,  7 Jul 2001 22:03:29 +1200 (NZST)
Subject: Re: Patching 2.4.6--help fixing 1 hunk that failed
From:	Adam Warner <lists@consulting.net.nz>
To:	linux-crypto@nl.linux.org
In-Reply-To: <Pine.LNX.4.33.0107071133260.22033-100000@janus.txd.hvrlab.org>
References: <Pine.LNX.4.33.0107071133260.22033-100000@janus.txd.hvrlab.org>
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
X-Mailer: Evolution/0.10.99 (Preview Release)
Date:	07 Jul 2001 22:04:33 +1200
Message-Id: <994500274.277.0.camel@work>
Mime-Version: 1.0
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

On 07 Jul 2001 11:44:00 +0200, Herbert Valerio Riedel wrote:
> 
> well, I've cleaned up the 2.4.3.1, it should apply cleanly to a vanilla
> 2.4.6 linux kernel, I've put up the patch as patch-int-2.4.6.{bz2,gz} to
> 
> http://www.hvrlab.org/pub/crypto/
> 
> I've also taken the time to make a maintenance release of the cryptoapi
> re-packagement of the international crypto patch (and includes some
> small cleanups still to be merged into the patch-version)
> 
> known problems with the international crypto patch on 2.4.x:
> 
> *) non-reentrant --> don't use it on SMP (unless you can enforce
> non-parallel execution of the transfer functions)
> if you want to do some work on it, please go ahead; I can tell you where
> you should begin to look at...

...said Herbert to the guy who needed help to fix a hunk failure :-)

Thanks for the info. So what would you recommend for a guy with a Dual
Celeron? Loop-AES ;-) (can anyone let me know if Loop-AES is SMP safe?)

Regards,
Adam




From owner-linux-crypto@nl.linux.org Sat Jul  7 12:24:38 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S17182AbRGGKW7>; Sat, 7 Jul 2001 12:22:59 +0200
Received: from mail.win.co.nz ([210.55.230.193]:47114 "EHLO mail.win.co.nz")
	by humbolt.nl.linux.org with ESMTP id <S16223AbRGGKWj>;
	Sat, 7 Jul 2001 12:22:39 +0200
Received: from work (unknown [210.55.104.94])
	by mail.win.co.nz (Postfix) with ESMTP id 6D56F5380BE
	for <linux-crypto@nl.linux.org>; Sat,  7 Jul 2001 22:22:22 +1200 (NZST)
Subject: RE: Crypto Choices
From:	Adam Warner <lists@consulting.net.nz>
To:	linux-crypto@nl.linux.org
In-Reply-To: <NBBBJHKIOKPKOGOEPEDPCECIDLAA.stuart@bh90210.net>
References: <NBBBJHKIOKPKOGOEPEDPCECIDLAA.stuart@bh90210.net>
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
X-Mailer: Evolution/0.10.99 (Preview Release)
Date:	07 Jul 2001 22:23:26 +1200
Message-Id: <994501406.280.1.camel@work>
Mime-Version: 1.0
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

On 07 Jul 2001 00:28:23 -0700, IT3 Stuart B. Tener, USNR-R wrote:
> Dear Sir:
> 
> 1) I just downloaded/compiled/installed the 2.4.6 kernel from
> (http://www.kernel.org/pub/linux/kernel/v2.4/); I am standardizing on using
> the kernel.org kernel distributions from this day forward, no matter what
> distribution of Linux I use
> 2) I am going to grab the crypto patches from
> (http://www.kernel.org/pub/linux/kernel/crypto/v2.4/); and install them
> later tonight
> 3) I will download and read
> http://encryptionhowto.sourceforge.net/Encryption-HOWTO.html

> 	Normally a raw partition would have a filesystem placed on it, my initial
> presumptions were you then place encryption on the filesystem, and I have
> now learned that after adding encryption a filesystem must be laid down
> again, thus adding a second layer of filesystem. I do not see the need for
> this, and have been advised that it is better to encrypt a raw partition,
> and then place a filesystem on top of the encrypted raw partition. Do I
> understand you correctly? Presuming what I understand is what you were
> recommending; do you see any problem with the filesystem that is going to
> overlay the encryption being a ReiserFS filesystem?

Yes you do not need an underlying filesystem. Let me give you an
example:

Say /dev/hda2 is a spare partition that you want to encrypt.

First you are supposed to put random data on the partition (this takes a
while):

dd if=/dev/urandom of=/dev/hda2

then you create an encrypted loop device on that partition:

losetup -e <ciphername> /dev/loop0 /dev/hda2

Then you format it (you wanted to try reiserfs):

mkreiserfs /dev/loop0

Then you mount it:

mkdir /encrypted
mount -t reiserfs /dev/loop0 /encrypted

OK now unmount it:

umount /dev/loop0
losetup -d /dev/loop0

And so on, see the HOWTO. If you did it right (and added the right
entries to fstab) you will be asked for your password the next time you
go to mount the partition.

> 	If I understand all that you are saying with regard to the above; then I am
> presuming all I must do is wait for a resolution to the issues with in
> pursuit of patching 2.4.6, and I will be on my way.

Yep, though Loop-AES is looking superior at this stage :-) I wasn't
aware of the international kernel patch SMP issues (so am now open to
advice about this).

Regards,
Adam



From owner-linux-crypto@nl.linux.org Sat Jul  7 12:35:51 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S17191AbRGGKeL>; Sat, 7 Jul 2001 12:34:11 +0200
Received: from pop.gmx.net ([194.221.183.20]:36378 "HELO mail.gmx.net")
	by humbolt.nl.linux.org with SMTP id <S17189AbRGGKdv>;
	Sat, 7 Jul 2001 12:33:51 +0200
Received: (qmail 26388 invoked by uid 0); 7 Jul 2001 10:33:49 -0000
Received: from p3ee33dde.dip.t-dialin.net (HELO host1) (62.227.61.222)
  by mail.gmx.net (mail09) with SMTP; 7 Jul 2001 10:33:49 -0000
Message-ID: <004e01c106d0$4ed91ba0$0100005a@host1>
From:	"peter k." <spam-goes-to-dev-null@gmx.net>
To:	"Michael H. Warfield" <mhw@wittsend.com>
Cc:	"Michael H. Warfield" <mhw@wittsend.com>,
	"Jari Ruusu" <jari.ruusu@pp.inet.fi>, <linux-crypto@nl.linux.org>
References: <3B39D328.810C4CB3@pp.inet.fi> <001701c10651$97453f60$0100005a@host1> <20010706212312.A3357@alcove.wittsend.com> <001901c10685$f287fd20$0100005a@host1> <20010706220332.C3357@alcove.wittsend.com>
Subject: Re: Announce loop-AES-v1.3b file crypto package
Date:	Sat, 7 Jul 2001 12:33:47 +0200
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4522.1200
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list


> > well, im usually using passwords like "4wj8s06bj2" or "7e1t91436g", not any
> > english or whatever words!!
> > so if i would have to learn a 20 byte password in that format it would be
> > like "v1872cqad730lbsq53i8" or "0v7g25y0mp49n26yrntb" and learning that isnt
> > easy, is it? ;)
>
> But that still doesn't buy you as much entropy as using a
> longer passphrase that is mnemonic and easier to remember.  Even if
> you ASSUME that you can use totally random characters, that only
> approaches 7 bits per character (but can never reach it) and is
> still less than the strength of a well formed 20 character mnemonic
> pass phrase that's easier to remember.
>

ok, then i'll use a 20 byte password =/
btw, are 20 bytes enough or only the minimum? lol
and are there some docs on the security of all those ciphers like AES,
serpent, whatever?
for example, when using that 20 byte password with AES, whats the
probability that someone will be able to decrypt it without bruteforcing for
years?
im still trying to find out whats the best cipher / encryption package (like
kernli, loop-AES) to use for getting the maximum security [with the shortest
passwords even maybe?] ;)




From owner-linux-crypto@nl.linux.org Sat Jul  7 12:59:15 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S17204AbRGGK5t>; Sat, 7 Jul 2001 12:57:49 +0200
Received: from pentafluge.infradead.org ([195.224.55.251]:10505 "EHLO
	pentafluge.infradead.org") by humbolt.nl.linux.org with ESMTP
	id <S17201AbRGGK5b>; Sat, 7 Jul 2001 12:57:31 +0200
Received: from juicer24.bigpond.com ([139.134.6.34] helo=mailin3.email.bigpond.com)
	by pentafluge.infradead.org with esmtp (Exim 3.22 #1 (Red Hat Linux))
	id 15Ipgh-0007dd-00
	for <linux-crypto@nl.linux.org>; Sat, 07 Jul 2001 11:51:48 +0100
Received: from rockhopper.fn.com.au ([139.134.4.54]) by
          mailin3.email.bigpond.com (Netscape Messaging Server 4.15) with
          SMTP id GG3O0W00.7YK; Sat, 7 Jul 2001 21:02:56 +1000 
Received: from CPE-144-132-178-189.nsw.bigpond.net.au ([144.132.178.189]) by mail6.bigpond.com(MailRouter V2.9g 11/4093082); 07 Jul 2001 20:57:34
Received: from chinstrap.fn.com.au (IDENT:root@chinstrap.fn.com.au [129.78.97.135])
	by rockhopper.fn.com.au (8.9.3/8.9.3) with ESMTP id UAA18397;
	Sat, 7 Jul 2001 20:57:04 +1000
Received: (from srn@localhost)
	by chinstrap.fn.com.au (8.11.2/8.11.2) id f67B1um03507;
	Sat, 7 Jul 2001 21:01:56 +1000
Date:	Sat, 7 Jul 2001 21:01:56 +1000
From:	Stephen Robert Norris <srn@fn.com.au>
To:	Stephen Robert Norris <srn@fn.com.au>,
	"peter k." <spam-goes-to-dev-null@gmx.net>,
	"Michael H. Warfield" <mhw@wittsend.com>,
	Jari Ruusu <jari.ruusu@pp.inet.fi>, linux-crypto@nl.linux.org
Subject: Re: Announce loop-AES-v1.3b file crypto package
Message-ID: <20010707210156.D1225@chinstrap.nsw.bigpond.net.au>
Reply-To: srn@fn.com.au
References: <3B39D328.810C4CB3@pp.inet.fi> <001701c10651$97453f60$0100005a@host1> <20010706212312.A3357@alcove.wittsend.com> <001901c10685$f287fd20$0100005a@host1> <20010706220332.C3357@alcove.wittsend.com> <20010707174328.C1225@chinstrap.nsw.bigpond.net.au> <20010707044856.B7726@alcove.wittsend.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="z4+8/lEcDcG5Ke9S"
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <20010707044856.B7726@alcove.wittsend.com>; from mhw@wittsend.com on Sat, Jul 07, 2001 at 04:48:56AM -0400
Organisation: Farrow Norris Pty Ltd
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list


--z4+8/lEcDcG5Ke9S
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sat, Jul 07, 2001 at 04:48:56AM -0400, Michael H. Warfield wrote:
> On Sat, Jul 07, 2001 at 05:43:28PM +1000, Stephen Robert Norris wrote:
> > > 	But that still doesn't buy you as much entropy as using a
> > > longer passphrase that is mnemonic and easier to remember.  Even if
> > > you ASSUME that you can use totally random characters, that only
> > > approaches 7 bits per character (but can never reach it) and is
> > > still less than the strength of a well formed 20 character mnemonic
> > > pass phrase that's easier to remember.
>
> > Is this really true? According to Schneier's book, English text has
> > about 1.5 bits of entropy/letter - a random password has about 6,
> > so your passphrase will have to be a good deal longer, even with mis-spelt
> > words...
>
> 	Read carefully what I said.  I said that "even if you ASSUME
> that you can use totally random characters, that only approaches
> 7 bits".  That means that it never reaches it.  If you disallow all
> control characters, you lose another "1/2 bit" and a little white
> space, a few fragments more.  If you were to ASSUME totally random
> printing characters, then you end up with something slightly less
> 96 characters (95) which is about half way between 6 bits and 7 bits.
> You CAN (in some cases) use control characters in passphrases but not
> in all cases (^A, ^B - probably, ^S, ^Q - I think not :-) ), so that
> only helps a little and gets you a little closer (approaches) to 7.
> The real point is that it's a BAD ASSUMPTION and you can never really
> reach 7 bits, so 6 is more realistic (and is why that's what I used
> in my first message).

I'm not sure what the point of this is - _I_ said it was about 6, so
you're arguing I'm wrong, because it's a bit _higher_? Which supports
the original point.

Let's say we get 10 characters at 6 bits/character = 60 bits.

Let's be generous and say it's 2 bits/character for our modified English
phrase - that means we need a 30 character passphrase.

I guess my point is that saying it has to be at least 20 characters
is meaningless; I can come up with 10 character passwords that
have vastly more entropy than a 20 character English passphrase
(60 vs 30 bits).

It seems that the 20 is really an arbitrary number that just happens to
suit the way _some people_ like to choose passphrases...

	Stephen

-- 
Stephen Norris	  srn@fn.com.au
Farrow Norris Pty Ltd	+61 417 243 239

--z4+8/lEcDcG5Ke9S
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE7Ruwje+ykMRrETOURAqnyAJ9tZQ5VyTzdfdlkYfnJpPd/+h8XlwCdH5ya
wmapRZjrSMZnJR9jWghnJ+Q=
=ca+x
-----END PGP SIGNATURE-----

--z4+8/lEcDcG5Ke9S--


From owner-linux-crypto@nl.linux.org Sat Jul  7 20:53:56 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S17364AbRGGSxt>; Sat, 7 Jul 2001 20:53:49 +0200
Received: from nationalcontractors.com ([207.173.117.117]:21508 "EHLO
	nationalcontractors.com") by humbolt.nl.linux.org with ESMTP
	id <S17361AbRGGSxi>; Sat, 7 Jul 2001 20:53:38 +0200
Received: from w2kpro01 (ppp-206-170-210-107.lsan03.pacbell.net [206.170.210.107])
	by nationalcontractors.com (8.9.3/8.9.3) with SMTP id LAA12130
	for <Linux-Crypto@Nl.Linux.Org>; Sat, 7 Jul 2001 11:58:11 -0700 (MST)
	(envelope-from stuart@bh90210.net)
Reply-To: <stuart@bh90210.net>
From:	"IT3 Stuart B. Tener, USNR-R" <stuart@bh90210.net>
To:	<Linux-Crypto@nl.linux.org>
Subject: Using Crypto under LM8+2.4.6
Date:	Sat, 7 Jul 2001 11:53:30 -0700
Message-ID: <NBBBJHKIOKPKOGOEPEDPOECMDLAA.stuart@bh90210.net>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Importance: Normal
Disposition-Notification-To: "IT3 Stuart B. Tener, USNR-R" <stuart@bh90210.net>
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

To whom it shall concern:

dd if=/dev/urandom of=test count=5000
losetup -e blowfish /dev/loop0 ./test (I also tried "AES", that failed too)
I enter 128, and the password "123" (just for testing, I know better)

I get the following error message:

The cipher does not exist, or a cipher module needs to be loaded into the
kernel ioctl: LOOP_SET_STATUS: Invalid argument

I went into the /lib/modules/kernel/crypto directory and did an insmod on
every ".o" file in there, still get the above message!

I also patched util-linux-2.11g using the util-linux-2.11b patch (and yes it
seemed to have worked okay). I built and installed the entire package.

As well, perhaps someone can help me: I am not so conversant on using
/etc/modules.conf;

I would like these modules to get loaded automatically when needed as well,
I have a modem driver, which I want to do the same, can't get that to work
either (ltmodem, for using "linmodems")


Very Respectfully,

Stuart Blake Tener, IT3, USNR-R, N3GWG
VTU 1904G (Volunteer Training Unit)
stuart@bh90210.net
west coast: (310)-358-0202 P.O. Box 16043, Beverly Hills, CA 90209-2043
east coast: (215)-338-6005 P.O. Box 45859, Philadelphia, PA 19149-5859

Telecopier: (419)-715-6073 fax to email gateway via www.efax.com (it's
free!)

JOIN THE US NAVY RESERVE, SERVE YOUR COUNTRY, AND BENEFIT FROM IT ALL.

Saturday, July 07, 2001 11:49 AM




From owner-linux-crypto@nl.linux.org Sat Jul  7 20:59:58 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S17368AbRGGS6a>; Sat, 7 Jul 2001 20:58:30 +0200
Received: from alcove.wittsend.com ([130.205.0.20]:15001 "EHLO
	alcove.wittsend.com") by humbolt.nl.linux.org with ESMTP
	id <S17365AbRGGS6O>; Sat, 7 Jul 2001 20:58:14 +0200
Received: (from mhw@localhost)
	by alcove.wittsend.com (8.9.3/8.9.3) id OAA19904;
	Sat, 7 Jul 2001 14:57:46 -0400
Date:	Sat, 7 Jul 2001 14:57:46 -0400
From:	"Michael H. Warfield" <mhw@wittsend.com>
To:	Stephen Robert Norris <srn@fn.com.au>
Cc:	"peter k." <spam-goes-to-dev-null@gmx.net>,
	"Michael H. Warfield" <mhw@wittsend.com>,
	Jari Ruusu <jari.ruusu@pp.inet.fi>, linux-crypto@nl.linux.org
Subject: Re: Announce loop-AES-v1.3b file crypto package
Message-ID: <20010707145746.C7726@alcove.wittsend.com>
Mail-Followup-To: Stephen Robert Norris <srn@fn.com.au>,
	"peter k." <spam-goes-to-dev-null@gmx.net>,
	"Michael H. Warfield" <mhw@wittsend.com>,
	Jari Ruusu <jari.ruusu@pp.inet.fi>, linux-crypto@nl.linux.org
References: <3B39D328.810C4CB3@pp.inet.fi> <001701c10651$97453f60$0100005a@host1> <20010706212312.A3357@alcove.wittsend.com> <001901c10685$f287fd20$0100005a@host1> <20010706220332.C3357@alcove.wittsend.com> <20010707174328.C1225@chinstrap.nsw.bigpond.net.au> <20010707044856.B7726@alcove.wittsend.com> <20010707210156.D1225@chinstrap.nsw.bigpond.net.au>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.3.2i
In-Reply-To: <20010707210156.D1225@chinstrap.nsw.bigpond.net.au>; from srn@fn.com.au on Sat, Jul 07, 2001 at 09:01:56PM +1000
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

On Sat, Jul 07, 2001 at 09:01:56PM +1000, Stephen Robert Norris wrote:
> On Sat, Jul 07, 2001 at 04:48:56AM -0400, Michael H. Warfield wrote:
> > On Sat, Jul 07, 2001 at 05:43:28PM +1000, Stephen Robert Norris wrote:
> > > > 	But that still doesn't buy you as much entropy as using a
> > > > longer passphrase that is mnemonic and easier to remember.  Even if
> > > > you ASSUME that you can use totally random characters, that only
> > > > approaches 7 bits per character (but can never reach it) and is
> > > > still less than the strength of a well formed 20 character mnemonic
> > > > pass phrase that's easier to remember.

> > > Is this really true? According to Schneier's book, English text has
> > > about 1.5 bits of entropy/letter - a random password has about 6,
> > > so your passphrase will have to be a good deal longer, even with mis-spelt
> > > words...

> > 	Read carefully what I said.  I said that "even if you ASSUME
> > that you can use totally random characters, that only approaches
> > 7 bits".  That means that it never reaches it.  If you disallow all
> > control characters, you lose another "1/2 bit" and a little white
> > space, a few fragments more.  If you were to ASSUME totally random
> > printing characters, then you end up with something slightly less
> > 96 characters (95) which is about half way between 6 bits and 7 bits.
> > You CAN (in some cases) use control characters in passphrases but not
> > in all cases (^A, ^B - probably, ^S, ^Q - I think not :-) ), so that
> > only helps a little and gets you a little closer (approaches) to 7.
> > The real point is that it's a BAD ASSUMPTION and you can never really
> > reach 7 bits, so 6 is more realistic (and is why that's what I used
> > in my first message).

> I'm not sure what the point of this is - _I_ said it was about 6, so
> you're arguing I'm wrong, because it's a bit _higher_? Which supports
> the original point.

	Ok...  I think we are both in "violent agreement" on this point.
I also stated 6 bits in my original message, so there is where we stand.
I wasn't arguing that you were "wrong" on the 6.  I had even stated 6
in a previous message and used very specific language on the 7.  I
was questioning your statement about that being wrong.  You weren't clear
on what you were objecting to.  So I guess I wasn't sure what your point
was.

> Let's say we get 10 characters at 6 bits/character = 60 bits.

> Let's be generous and say it's 2 bits/character for our modified English
> phrase - that means we need a 30 character passphrase.

	Now here is where you are now invalid.  The 1.5 bits is for
English text and I don't know anyone who is arguing for English text.
My argument was to use a mnemonic passphrase comprising misspellings,
numerical substitutions (oh, I left out odd ball capitalizations) and
strange punctuation.  That does NOT relate to 1.5 bits nor even for
2 bits.  In fact, it should be well over 3 bits of entropy and still be
mnemonic in nature.  The "break even" point would be at effective
3 bits per character and then the advantage still remains that it
is mnemonic for the user.  I'm rather good at coming up with passphrases
that John the Ripper and Crack and L0phtCrack have consistently failed
to break, but they are all still mnemonic (and long).  In many cases,
they are not even mnemonic to recite but are mnemonic to type (touch
typing patterns) and that's a whole 'nother ball of wax.

> I guess my point is that saying it has to be at least 20 characters
> is meaningless; I can come up with 10 character passwords that
> have vastly more entropy than a 20 character English passphrase 
> (60 vs 30 bits).

	But we are not talking about a plain English TEXT passphrase.
You are misapplying the reference of 1.5 bits per character in English
text to something that is only mnemonically related to it.  That is
what's inappropriate here.

	Since there is not a real good measure for what would be a
mnemonic passphrase which is not plain text English, I'm not even sure
how to approach the statistical modeling necessary to come up with a
good figure for the entropy in non-plain-text-english mnemonic passphrases,
but I will venture this as a guess...  For every plaintext passphrase,
there must exist a large number of related, non-plain-text passphrases
which can be related through transposition, substitution, distortion, and
other mechanisms.  It's only necessary to devise one alternative
passphrase option for each character position to increase the effective
entropy by one bit.  You can achieve this by a random mix of capitalizations
alone (you just have to remember the sequence of capitals on your pass
phrase).  That takes us to 2.5 bits there alone.  Four alternatives per
character would yield two additional bits.  Substituting numbers and
punctuation into the plain text English accomplishes that.  This is all
within the realm of possibility (although some combinations of those
distortions would become a reach).  The mnemonic remains and the distortions
are merely perturbations on the mnemonic.

> It seems that the 20 is really an arbitrary number that just happens to
> suit the way _some people_ like to choose passphrases...

	Actually, I think that what was being argued was that 10 was
insufficient.  The original poster was not asking if 20 was sufficient,
he was asking if 10 wasn't sufficient.  IMHO...  10 is not sufficient.
The discussion is not over 20, it's over 10.

	Whether 20 is sufficient or not, depends on your use, but it's
better than 10.  Arguing that 10 characters is insufficient is NOT arguing
that 20 is sufficient.  20 might be, with decent complexity checkers and
it might not be if it were a clear plaintext passphrase.  It might be
total overkill if you are disciplined and have a good enough memory for
high entropy shorter passwords.  Certainly 60 bits (10 characters * 6 bits)
is not safe from brute force attacks unless it is protected by other
mechanisms.

	Ppdd wants TWO 24 character passphrases (48 characters or more
total).  Is that sufficient?  Probably, in most cases.  :-)  Is it better
than 20?  Yeah, I think so, maybe...  Does it have any bearing what so
ever on whether or not 10 characters is insufficient?  No.

	The argument was over the sufficiency of 10 characters.
Long term, non-volatile, crypto protected by only 60 bits worth of
"key" is subject to being brute force attacked given sufficient
time, equipment, and incentive on the part of the attacker.  You
really REALLY want to protect it?  You don't use 60 bits.

> 	Stephen

> -- 
> Stephen Norris	  srn@fn.com.au
> Farrow Norris Pty Ltd	+61 417 243 239

	Mike
-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw@WittsEnd.com
  (The Mad Wizard)      |  (678) 463-0932   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!



From owner-linux-crypto@nl.linux.org Sat Jul  7 21:43:23 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S17388AbRGGTlx>; Sat, 7 Jul 2001 21:41:53 +0200
Received: from pop.gmx.net ([194.221.183.20]:46571 "HELO mail.gmx.net")
	by humbolt.nl.linux.org with SMTP id <S17373AbRGGTlp>;
	Sat, 7 Jul 2001 21:41:45 +0200
Received: (qmail 15510 invoked by uid 0); 7 Jul 2001 19:41:44 -0000
Received: from p3ee33dde.dip.t-dialin.net (HELO host1) (62.227.61.222)
  by mail.gmx.net (mp003-rz3) with SMTP; 7 Jul 2001 19:41:44 -0000
Message-ID: <002c01c1071c$d8f38040$0100005a@host1>
From:	"peter k." <spam-goes-to-dev-null@gmx.net>
To:	"Michael H. Warfield" <mhw@wittsend.com>
Cc:	"Jari Ruusu" <jari.ruusu@pp.inet.fi>, <linux-crypto@nl.linux.org>
References: <3B39D328.810C4CB3@pp.inet.fi> <001701c10651$97453f60$0100005a@host1> <20010706212312.A3357@alcove.wittsend.com> <001901c10685$f287fd20$0100005a@host1> <20010706220332.C3357@alcove.wittsend.com> <20010707174328.C1225@chinstrap.nsw.bigpond.net.au> <20010707044856.B7726@alcove.wittsend.com> <20010707210156.D1225@chinstrap.nsw.bigpond.net.au> <20010707145746.C7726@alcove.wittsend.com>
Subject: Re: Announce loop-AES-v1.3b file crypto package
Date:	Sat, 7 Jul 2001 21:41:41 +0200
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4522.1200
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

> Actually, I think that what was being argued was that 10 was
> insufficient.  The original poster was not asking if 20 was sufficient,
> he was asking if 10 wasn't sufficient.  IMHO...  10 is not sufficient.
> The discussion is not over 20, it's over 10.
>
> Whether 20 is sufficient or not, depends on your use, but it's
> better than 10.  Arguing that 10 characters is insufficient is NOT arguing
> that 20 is sufficient.  20 might be, with decent complexity checkers and
> it might not be if it were a clear plaintext passphrase.  It might be
> total overkill if you are disciplined and have a good enough memory for
> high entropy shorter passwords.  Certainly 60 bits (10 characters * 6 bits)
> is not safe from brute force attacks unless it is protected by other
> mechanisms.
>
> Ppdd wants TWO 24 character passphrases (48 characters or more
> total).  Is that sufficient?  Probably, in most cases.  :-)  Is it better
> than 20?  Yeah, I think so, maybe...  Does it have any bearing what so
> ever on whether or not 10 characters is insufficient?  No.
>
> The argument was over the sufficiency of 10 characters.
> Long term, non-volatile, crypto protected by only 60 bits worth of
> "key" is subject to being brute force attacked given sufficient
> time, equipment, and incentive on the part of the attacker.  You
> really REALLY want to protect it?  You don't use 60 bits.
>

well, how much time and what equipment would you need for bruteforcing a 10
byte pw? 3 years of ASCI White? ;) [note that I'm not talking about
distributed computing which is able to decrypt stuff protected by 10 bytes
of course] ... and what about 20 bytes then?
10 bytes of a-z and 0-9, that's 36^10=3,656,158,440,062,976 possible
passwords...

hmm, i'll use 20 bytes and AES128 anyway, but again: is that the minimal
length or is it really enough? what about 15 bytes?





From owner-linux-crypto@nl.linux.org Sat Jul  7 23:45:52 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S16196AbRGGVnf>; Sat, 7 Jul 2001 23:43:35 +0200
Received: from juicer13.bigpond.com ([139.134.6.21]:15579 "EHLO
	mailin1.bigpond.com") by humbolt.nl.linux.org with ESMTP
	id <S17427AbRGGVnU>; Sat, 7 Jul 2001 23:43:20 +0200
Received: from rockhopper.fn.com.au ([139.134.4.58]) by
          mailin1.bigpond.com (Netscape Messaging Server 4.15) with SMTP
          id GG4HXL00.G61; Sun, 8 Jul 2001 07:48:57 +1000 
Received: from CPE-144-132-178-189.nsw.bigpond.net.au ([144.132.178.189]) by mail1.bigpond.com(MailRouter V2.9g 1/4690248); 08 Jul 2001 07:43:50
Received: from chinstrap.fn.com.au (IDENT:root@chinstrap.fn.com.au [129.78.97.135])
	by rockhopper.fn.com.au (8.9.3/8.9.3) with ESMTP id HAA22121;
	Sun, 8 Jul 2001 07:43:09 +1000
Received: (from srn@localhost)
	by chinstrap.fn.com.au (8.11.2/8.11.2) id f67Lm0W15160;
	Sun, 8 Jul 2001 07:48:00 +1000
Date:	Sun, 8 Jul 2001 07:48:00 +1000
From:	Stephen Robert Norris <srn@fn.com.au>
To:	Stephen Robert Norris <srn@fn.com.au>,
	"peter k." <spam-goes-to-dev-null@gmx.net>,
	"Michael H. Warfield" <mhw@wittsend.com>,
	Jari Ruusu <jari.ruusu@pp.inet.fi>, linux-crypto@nl.linux.org
Subject: Re: Announce loop-AES-v1.3b file crypto package
Message-ID: <20010708074800.G1225@chinstrap.nsw.bigpond.net.au>
Reply-To: srn@fn.com.au
References: <3B39D328.810C4CB3@pp.inet.fi> <001701c10651$97453f60$0100005a@host1> <20010706212312.A3357@alcove.wittsend.com> <001901c10685$f287fd20$0100005a@host1> <20010706220332.C3357@alcove.wittsend.com> <20010707174328.C1225@chinstrap.nsw.bigpond.net.au> <20010707044856.B7726@alcove.wittsend.com> <20010707210156.D1225@chinstrap.nsw.bigpond.net.au> <20010707145746.C7726@alcove.wittsend.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="FeAIMMcddNRN4P4/"
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <20010707145746.C7726@alcove.wittsend.com>; from mhw@wittsend.com on Sat, Jul 07, 2001 at 02:57:46PM -0400
Organisation: Farrow Norris Pty Ltd
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list


--FeAIMMcddNRN4P4/
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sat, Jul 07, 2001 at 02:57:46PM -0400, Michael H. Warfield wrote:
> > I guess my point is that saying it has to be at least 20 characters
> > is meaningless; I can come up with 10 character passwords that
> > have vastly more entropy than a 20 character English passphrase
> > (60 vs 30 bits).
>
> 	But we are not talking about a plain English TEXT passphrase.
> You are misapplying the reference of 1.5 bits per character in English
> text to something that is only mnemonically related to it.  That is
> what's inappropriate here.
>
> 	Since there is not a real good measure for what would be a
> mnemonic passphrase which is not plain text English, I'm not even sure
> how to approach the statistical modeling necessary to come up with a
> good figure for the entropy in non-plain-text-english mnemonic passphrases,
> but I will venture this as a guess...  For every plaintext passphrase,
> there must exist a large number of related, non-plain-text passphrases
> which can be related through transposition, substitution, distortion, and
> other mechanisms.  It's only necessary to devise one alternative
> passphrase option for each character position to increase the effective
> entropy by one bit.  You can achieve this by a random mix of capitalizations
> alone (you just have to remember the sequence of capitals on your pass
> phrase).  That takes us to 2.5 bits there alone.  Four alternatives per
> character would yield two additional bits.  Substituting numbers and
> punctuation into the plain text English accomplishes that.  This is all
> within the realm of possibility (although some combinations of those
> distortions would become a reach).  The mnemonic remains and the distortions
> are merely perturbations on the mnemonic.
>
> > It seems that the 20 is really an arbitrary number that just happens to
> > suit the way _some people_ like to choose passphrases...
>
> 	Actually, I think that what was being argued was that 10 was
> insufficient.  The original poster was not asking if 20 was sufficient,
> he was asking if 10 wasn't sufficient.  IMHO...  10 is not sufficient.
> The discussion is not over 20, it's over 10.
>
> 	Whether 20 is sufficient or not, depends on your use, but it's
> better than 10.  Arguing that 10 characters is insufficient is NOT arguing
> that 20 is sufficient.  20 might be, with decent complexity checkers and
> it might not be if it were a clear plaintext passphrase.  It might be
> total overkill if you are disciplined and have a good enough memory for
> high entropy shorter passwords.  Certainly 60 bits (10 characters * 6 bits)
> is not safe from brute force attacks unless it is protected by other
> mechanisms.
>
> 	Ppdd wants TWO 24 character passphrases (48 characters or more
> total).  Is that sufficient?  Probably, in most cases.  :-)  Is it better
> than 20?  Yeah, I think so, maybe...  Does it have any bearing what so
> ever on whether or not 10 characters is insufficient?  No.
>
> 	The argument was over the sufficiency of 10 characters.
> Long term, non-volatile, crypto protected by only 60 bits worth of
> "key" is subject to being brute force attacked given sufficient
> time, equipment, and incentive on the part of the attacker.  You
> really REALLY want to protect it?  You don't use 60 bits.

The last sentence is the point, I guess. 10 is too small. 20 is too small
unless it's completely random (120 bits). 80 is too small for plain English.

In general, the passphrase should contain at least as much entropy as the
key, or it's easier to brute force the passphrase than the key.

Sorry this has turned into something of an argument - really I should have
just made that point and left the discussion.

To the original poster: If you're using 256 bit AES, you should have
at least 256 bits of entropy in the passphrase - so for a completely
random alphanumeric passphrase, that's about 45 characters. For a section
of normal English it's about 170. For "randomised" English (for lack
of a better term) it's somewhere in between.

Now, what do people really use? Do they write them down? I store my
passphrases in a Palm encrypted under another passphrase.

	Stephen
-- 
Stephen Norris	  srn@fn.com.au
Farrow Norris Pty Ltd	+61 417 243 239

--FeAIMMcddNRN4P4/
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE7R4OPe+ykMRrETOURApxvAKCflpc1OZE7ONnTMYcVANxGqkd1/QCg1hD4
ioacugly5UvbURjLQSYwxZk=
=KqP9
-----END PGP SIGNATURE-----

--FeAIMMcddNRN4P4/--
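
The figures traded in this thread (36^10 passwords, 60 bits for 10 characters, about 45 random or 170 English characters for a 256-bit key) all come from the same two formulas, worked through below. This is an added example, not code from any poster; the model labels and the guess rate of 10^9 per second are assumptions chosen for illustration.

```python
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def bits_per_symbol(alphabet_size):
    """Entropy of one symbol drawn uniformly at random from the alphabet."""
    return math.log2(alphabet_size)


# Per-character entropy figures quoted in the thread; the labels are this
# example's own wording, not the posters'.
MODELS = {
    "random printable ASCII, 95 symbols": bits_per_symbol(95),
    "random a-z, A-Z, 0-9, 62 symbols": bits_per_symbol(62),
    "random a-z, 0-9, 36 symbols": bits_per_symbol(36),
    "round figure used for random text": 6.0,
    "distorted mnemonic, break-even figure": 3.0,
    "plain English text": 1.5,
}


def keyspace(alphabet_size, length):
    """Number of distinct strings of the given length."""
    return alphabet_size ** length


def entropy_bits(length, bits_per_char):
    """Total entropy of a passphrase under a per-character model."""
    return length * bits_per_char


def required_length(target_bits, bits_per_char):
    """Shortest passphrase whose entropy is at least target_bits."""
    return math.ceil(target_bits / bits_per_char)


def average_search_years(bits, guesses_per_second):
    """Expected exhaustive-search time: half the space is tried on average."""
    return 2 ** (bits - 1) / guesses_per_second / SECONDS_PER_YEAR


def length_table(key_sizes=(60, 128, 256)):
    """Characters needed per model so the passphrase matches each key size."""
    return {
        name: [required_length(k, bpc) for k in key_sizes]
        for name, bpc in MODELS.items()
    }


if __name__ == "__main__":
    rate = 1e9  # assumed guesses per second, for illustration only
    print("a-z0-9, 10 chars:", keyspace(36, 10), "passwords =",
          round(entropy_bits(10, bits_per_symbol(36)), 1), "bits")
    print("60 bits at %.0e guesses/s: %.1f years on average"
          % (rate, average_search_years(60, rate)))
    print("%-40s %6s %6s %6s" % ("model", "60b", "128b", "256b"))
    for name, lengths in length_table().items():
        print("%-40s %6d %6d %6d" % ((name,) + tuple(lengths)))
```

Ten characters of a-z and 0-9 come to about 51.7 bits rather than 60, because each of the 36 symbols carries only about 5.17 bits.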


From owner-linux-crypto@nl.linux.org Sun Jul  8 01:34:15 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S17464AbRGGXcq>; Sun, 8 Jul 2001 01:32:46 +0200
Received: from nationalcontractors.com ([207.173.117.117]:26628 "EHLO
	nationalcontractors.com") by humbolt.nl.linux.org with ESMTP
	id <S16210AbRGGXcj>; Sun, 8 Jul 2001 01:32:39 +0200
Received: from w2kpro01 (ppp-206-170-210-105.lsan03.pacbell.net [206.170.210.105])
	by nationalcontractors.com (8.9.3/8.9.3) with SMTP id QAA13884;
	Sat, 7 Jul 2001 16:36:17 -0700 (MST)
	(envelope-from stuart@bh90210.net)
Reply-To: <stuart@bh90210.net>
From:	"IT3 Stuart B. Tener, USNR-R" <stuart@bh90210.net>
To:	<srn@fn.com.au>, "peter k." <spam-goes-to-dev-null@gmx.net>,
	"Michael H. Warfield" <mhw@wittsend.com>,
	"Jari Ruusu" <jari.ruusu@pp.inet.fi>, <linux-crypto@nl.linux.org>
Subject: RE: Announce loop-AES-v1.3b file crypto package
Date:	Sat, 7 Jul 2001 16:31:40 -0700
Message-ID: <NBBBJHKIOKPKOGOEPEDPEEDADLAA.stuart@bh90210.net>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
In-Reply-To: <20010708074800.G1225@chinstrap.nsw.bigpond.net.au>
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Importance: Normal
Disposition-Notification-To: "IT3 Stuart B. Tener, USNR-R" <stuart@bh90210.net>
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

Dear list members:

	I must admit I find a great deal of this entire thread to be rather
entertaining. Unless I am mistaken, I watched two people just spend several
emails arguing over typing five characters at one point. How it is possible
you can have the time to care about cryptography to the extent to install
and use it, but not have the time to care to remember or type an additional
5 characters, when it's YOUR OWN DATA you are protecting, is far beyond the
scope of my comprehension.

	What is wrong with English sentences when mixed with random words?

Example: "My friend Albert is a big putz! Grapes!" <- this is easy to
remember, and it has 40 characters. I am curious if anyone has written a
script or C program to translate English text into English/numerical text
(hello to h3ll0).


Very Respectfully,

Stuart Blake Tener, IT3, USNR-R, N3GWG
VTU 1904G (Volunteer Training Unit)
stuart@bh90210.net
west coast: (310)-358-0202 P.O. Box 16043, Beverly Hills, CA 90209-2043
east coast: (215)-338-6005 P.O. Box 45859, Philadelphia, PA 19149-5859

Telecopier: (419)-715-6073 fax to email gateway via www.efax.com (it's
free!)

JOIN THE US NAVY RESERVE, SERVE YOUR COUNTRY, AND BENEFIT FROM IT ALL.

Saturday, July 07, 2001 4:24 PM

-----Original Message-----
From: owner-linux-crypto@nl.linux.org
[mailto:owner-linux-crypto@nl.linux.org]On Behalf Of Stephen Robert Norris
Sent: Saturday, July 07, 2001 2:48 PM
To: Stephen Robert Norris; peter k.; Michael H. Warfield; Jari Ruusu;
linux-crypto@nl.linux.org
Subject: Re: Announce loop-AES-v1.3b file crypto package

On Sat, Jul 07, 2001 at 02:57:46PM -0400, Michael H. Warfield wrote:
> > I guess my point is that saying it has to be at least 20 characters
> > is meaningless; I can come up with 10 character passwords that
> > have vastly more entropy than a 20 character English passphrase
> > (60 vs 30 bits).
>
>       But we are not talking about a plain English TEXT passphrase.
> You are misapplying the reference of 1.5 bits per character in English
> text to something that is only mnemonically related to it.  That is
> what's inappropriate here.
>
>       Since there is not a real good measure for what would be a
> mnemonic passphrase which is not plain text English, I'm not even sure
> how to approach the statistical modeling necessary to come up with a
> good figure for the entropy in non-plain-text-english mnemonic passphrases,
> but I will venture this as a guess...  For every plaintext passphrase,
> there must exist a large number of related, non-plain-text passphrases
> which can be related through transposition, substitution, distortion, and
> other mechanisms.  It's only necessary to devise one alternative
> passphrase option for each character position to increase the effective
> entropy by one bit.  You can achieve this by a random mix of capitalizations
> alone (you just have to remember the sequence of capitals on your pass
> phrase).  That takes us to 2.5 bits there alone.  Four alternatives per
> character would yield two additional bits.  Substituting numbers and
> punctuation into the plain text English accomplishes that.  This is all
> within the realm of possibility (although some combinations of those
> distortions would become a reach).  The mnemonic remains and the distortions
> are merely perturbations on the mnemonic.
>
> > It seems that the 20 is really an arbitrary number that just happens to
> > suit the way _some people_ like to choose passphrases...
>
>       Actually, I think that what was being argued was that 10 was
> insufficient.  The original poster was not asking if 20 was sufficient,
> he was asking if 10 wasn't sufficient.  IMHO...  10 is not sufficient.
> The discussion is not over 20, it's over 10.
>
>       Whether 20 is sufficient or not, depends on your use, but it's
> better than 10.  Arguing that 10 characters is insufficient is NOT arguing
> that 20 is sufficient.  20 might be, with decent complexity checkers and
> it might not be if it were a clear plaintext passphrase.  It might be
> total overkill if you are disciplined and have a good enough memory for
> high entropy shorter passwords.  Certainly 60 bits (10 characters * 6 bits)
> is not safe from brute force attacks unless it is protected by other
> mechanisms.
>
>       Ppdd wants TWO 24 character passphrases (48 characters or more
> total).  Is that sufficient?  Probably, in most cases.  :-)  Is it better
> than 20?  Yeah, I think so, maybe...  Does it have any bearing what so
> ever on whether or not 10 characters is insufficient?  No.
>
>       The argument was over the sufficiency of 10 characters.
> Long term, non-volitile, crypto protected by only 60 bits worth of
> "key" is subject to being brute force attacked given sufficient
> time, equipment, and incentive on the part of the attacker.  You
> really REALLY want to protect it?  You don't use 60 bits.

The last sentence is the point, I guess. 10 is too small. 20 is too small
unless it's completely random (120 bits). 80 is too small for plain English.

In general, the passphrase should contain at least as much entropy as the
key, or it's easier to brute force the passphrase than the key.

Sorry this has turned into something of an argument - really I should have
just made that point and left the discussion.

To the original poster: If you're using 256 bit AES, you should have
at least 256 bits of entropy in the passphrase - so for a completely
random alphanumeric passphrase, that's about 45 characters. For a section
of normal English it's about 170. For "randomised" English (for lack
of a better term) it's somewhere in between.

Now, what do people really use? Do they write them down? I store my
passphrases in a Palm encrypted under another passphrase.

        Stephen
--
Stephen Norris    srn@fn.com.au
Farrow Norris Pty Ltd   +61 417 243 239


Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

From owner-linux-crypto@nl.linux.org Sun Jul  8 01:37:06 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S17467AbRGGXe3>; Sun, 8 Jul 2001 01:34:29 +0200
Received: from nationalcontractors.com ([207.173.117.117]:28164 "EHLO
	nationalcontractors.com") by humbolt.nl.linux.org with ESMTP
	id <S16215AbRGGXeN>; Sun, 8 Jul 2001 01:34:13 +0200
Received: from w2kpro01 (ppp-206-170-210-105.lsan03.pacbell.net [206.170.210.105])
	by nationalcontractors.com (8.9.3/8.9.3) with SMTP id QAA13910;
	Sat, 7 Jul 2001 16:38:23 -0700 (MST)
	(envelope-from stuart@bh90210.net)
Reply-To: <stuart@bh90210.net>
From:	"IT3 Stuart B. Tener, USNR-R" <stuart@bh90210.net>
To:	<srn@fn.com.au>, "peter k." <spam-goes-to-dev-null@gmx.net>,
	"Michael H. Warfield" <mhw@wittsend.com>,
	"Jari Ruusu" <jari.ruusu@pp.inet.fi>, <linux-crypto@nl.linux.org>
Subject: RE: Announce loop-AES-v1.3b file crypto package
Date:	Sat, 7 Jul 2001 16:33:46 -0700
Message-ID: <NBBBJHKIOKPKOGOEPEDPIEDADLAA.stuart@bh90210.net>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
In-Reply-To: <20010708074800.G1225@chinstrap.nsw.bigpond.net.au>
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Importance: Normal
Disposition-Notification-To: "IT3 Stuart B. Tener, USNR-R" <stuart@bh90210.net>
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

Dear list members:

        I must admit I find a great deal of this entire thread to be rather
entertaining. Unless I am mistaken, I watched two people just spend several
emails arguing over typing five characters at one point. How it is possible
you can have the time to care about cryptography to the extent to install
and use it, but not have the time to care to remember or type an additional
5 characters, when it's YOUR OWN DATA you are protecting, is far beyond the
scope of my comprehension.

        What is wrong with English sentences when mixed with random words?

        Example: "The telephone is a useful invention! Grapes!" <- this is
easy to remember, and it has 44 characters. I am curious if anyone has
written a script or C program to translate English text into
English/numerical text (hello to h3ll0).


Very Respectfully,

Stuart Blake Tener, IT3, USNR-R, N3GWG
VTU 1904G (Volunteer Training Unit)
stuart@bh90210.net
west coast: (310)-358-0202 P.O. Box 16043, Beverly Hills, CA 90209-2043
east coast: (215)-338-6005 P.O. Box 45859, Philadelphia, PA 19149-5859

Telecopier: (419)-715-6073 fax to email gateway via www.efax.com (it's
free!)

JOIN THE US NAVY RESERVE, SERVE YOUR COUNTRY, AND BENEFIT FROM IT ALL.

Saturday, July 07, 2001 4:24 PM



Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

From owner-linux-crypto@nl.linux.org Sun Jul  8 02:19:01 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S17495AbRGHART>; Sun, 8 Jul 2001 02:17:19 +0200
Received: from mail.win.co.nz ([210.55.230.193]:2064 "EHLO mail.win.co.nz")
	by humbolt.nl.linux.org with ESMTP id <S17493AbRGHARI>;
	Sun, 8 Jul 2001 02:17:08 +0200
Received: from work (unknown [210.55.104.94])
	by mail.win.co.nz (Postfix) with ESMTP id 248075380B7
	for <linux-crypto@nl.linux.org>; Sun,  8 Jul 2001 12:16:31 +1200 (NZST)
Subject: Re: Using Crypto under LM8+2.4.6
From:	Adam Warner <lists@consulting.net.nz>
To:	linux-crypto@nl.linux.org
In-Reply-To: <NBBBJHKIOKPKOGOEPEDPOECMDLAA.stuart@bh90210.net>
References: <NBBBJHKIOKPKOGOEPEDPOECMDLAA.stuart@bh90210.net>
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
X-Mailer: Evolution/0.10.99 (Preview Release)
Date:	08 Jul 2001 12:17:37 +1200
Message-Id: <994551457.645.0.camel@work>
Mime-Version: 1.0
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

Did you compile in all the relevant kernel options? (Loopback, enable
loopback encryption, the separate set of crypto options?)

The howto is very well set out.

Adam





Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

From owner-linux-crypto@nl.linux.org Sun Jul  8 02:27:59 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S17496AbRGHA1d>; Sun, 8 Jul 2001 02:27:33 +0200
Received: from pentafluge.infradead.org ([195.224.55.251]:47114 "EHLO
	pentafluge.infradead.org") by humbolt.nl.linux.org with ESMTP
	id <S17494AbRGHA1V>; Sun, 8 Jul 2001 02:27:21 +0200
Received: from juicer35.bigpond.com ([139.134.6.87] helo=mailin10.bigpond.com)
	by pentafluge.infradead.org with esmtp (Exim 3.22 #1 (Red Hat Linux))
	id 15J2KR-0008ST-00
	for <linux-crypto@nl.linux.org>; Sun, 08 Jul 2001 01:21:39 +0100
Received: from rockhopper.fn.com.au ([139.134.4.57]) by
          mailin10.bigpond.com (Netscape Messaging Server 4.15) with SMTP
          id GG4PIP00.5WA; Sun, 8 Jul 2001 10:32:49 +1000 
Received: from CPE-144-132-178-189.nsw.bigpond.net.au ([144.132.178.189]) by mail2.bigpond.com(MailRouter V2.9g 3/4848581); 08 Jul 2001 10:27:17
Received: from chinstrap.fn.com.au (IDENT:root@chinstrap.fn.com.au [129.78.97.135])
	by rockhopper.fn.com.au (8.9.3/8.9.3) with ESMTP id KAA22408;
	Sun, 8 Jul 2001 10:27:02 +1000
Received: (from srn@localhost)
	by chinstrap.fn.com.au (8.11.2/8.11.2) id f680VpW15616;
	Sun, 8 Jul 2001 10:31:51 +1000
Date:	Sun, 8 Jul 2001 10:31:51 +1000
From:	Stephen Robert Norris <srn@fn.com.au>
To:	"IT3 Stuart B. Tener, USNR-R" <stuart@bh90210.net>
Cc:	srn@fn.com.au, "peter k." <spam-goes-to-dev-null@gmx.net>,
	"Michael H. Warfield" <mhw@wittsend.com>,
	Jari Ruusu <jari.ruusu@pp.inet.fi>, linux-crypto@nl.linux.org
Subject: Re: Announce loop-AES-v1.3b file crypto package
Message-ID: <20010708103151.H1225@chinstrap.nsw.bigpond.net.au>
Reply-To: srn@fn.com.au
References: <20010708074800.G1225@chinstrap.nsw.bigpond.net.au> <NBBBJHKIOKPKOGOEPEDPIEDADLAA.stuart@bh90210.net>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="Fnm8lRGFTVS/3GuM"
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <NBBBJHKIOKPKOGOEPEDPIEDADLAA.stuart@bh90210.net>; from stuart@bh90210.net on Sat, Jul 07, 2001 at 04:33:46PM -0700
Organisation: Farrow Norris Pty Ltd
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list


On Sat, Jul 07, 2001 at 04:33:46PM -0700, IT3 Stuart B. Tener, USNR-R wrote:
> Dear list members:
>
>         I must admit I find a great deal of this entire thread to be rather
> entertaining. Unless I am mistaken, I watched two people just spend several
> emails arguing over typing five characters at one point. How it is possible
> you can have the time to care about cryptography to the extent to install
> and use it, but not have the time to care to remember or type an additional
> 5 characters, when it's YOUR OWN DATA you are protecting, is far beyond the
> scope of my comprehension.
>
>         What is wrong with English sentences when mixed with random words?
>
>         Example: "The telephone is a useful invention! Grapes!" <- this is
> easy to remember, and it has 44 characters. I am curious if anyone has
> written a script or C program to translate English text into
> English/numerical text (hello to h3ll0).

I couldn't agree more.

However, your example is an extremely good example of what not to do.

It's 45 characters long. The first 36 are definitely "normal english
text" - let's assign them 2 bits each (72 bits).

The rest is harder - let's pretend it's worth 3 bits each (24 bits). So that's
a total of 96 bits protecting your key...

Now, in reality it's easier than this - after all, an attacker can
try letters & punctuation first, and you even obey normal capital placing
rules, so that simplifies things.

It's not a good passphrase. A random 10 character one might well be better!

I think my general complaint is that people's intuition about what makes
a good passphrase is bad :)

	Stephen

--
Stephen Norris	  srn@fn.com.au
Farrow Norris Pty Ltd	+61 417 243 239

Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/
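
The entropy arithmetic from the replies above (passphrase entropy versus key size, the per-segment estimate of the example sentence, and the "one alternative per position adds one bit" argument), worked through as an added example that is not part of any poster's message. The bits-per-character rates are the posters' own estimates; the LEET table, the function names and the assumption that distortions are chosen uniformly at random are made here.

```python
"""Passphrase entropy budget built from the per-character figures quoted in the thread."""
import math

# Bits per character as quoted by the posters (rough estimates, not measurements).
ENGLISH_BITS = 1.5       # plain English text
RANDOM_BITS = 6.0        # "completely random" characters: 10 chars = 60 bits

# Constructed substitution table in the spirit of "hello to h3ll0"
# (an assumption made for this example, not a table from the thread).
LEET = {"a": "4", "e": "3", "i": "1", "l": "1", "o": "0", "s": "5", "t": "7"}


def alternatives(ch, use_case=True, use_leet=True):
    """Count the distinct forms one character can take under the chosen distortions."""
    forms = {ch}
    if use_case and ch.isalpha():
        forms.update((ch.lower(), ch.upper()))
    if use_leet and ch.lower() in LEET:
        forms.add(LEET[ch.lower()])
    return len(forms)


def distortion_bits(phrase, use_case=True, use_leet=True):
    """Bits added by distorting a mnemonic whose plain form is already known.

    This is an upper bound: it holds only if every position's form is picked
    uniformly and independently at random. Human-chosen distortions add less.
    """
    return sum(math.log2(alternatives(c, use_case, use_leet)) for c in phrase)


def estimate_bits(segments):
    """Sum len(text) * bits_per_char over (text, bits_per_char) segments."""
    return sum(len(text) * rate for text, rate in segments)


def chars_needed(target_bits, bits_per_char):
    """Minimum length that reaches target_bits at a given per-character rate."""
    return math.ceil(target_bits / bits_per_char)


def audit(key_bits, segments):
    """Compare a passphrase estimate with the key it protects."""
    have = estimate_bits(segments)
    shortfall = max(0.0, key_bits - have)
    return {
        "passphrase_bits": have,
        "effective_bits": min(key_bits, have),  # the weaker of the two decides
        "shortfall_bits": shortfall,
        "random_chars_to_close_gap": chars_needed(shortfall, RANDOM_BITS),
    }


PHRASE = "The telephone is a useful invention! Grapes!"
# Split point and rates follow the estimate given in the reply above:
# the sentence at 2 bits per character, the appended word at 3.
SEGMENTS = [(PHRASE[:36], 2.0), (PHRASE[36:], 3.0)]

if __name__ == "__main__":
    print("length of example phrase:", len(PHRASE))
    print("estimate for example phrase:", estimate_bits(SEGMENTS), "bits")
    print("audit against a 256-bit key:", audit(256, SEGMENTS))
    print("random chars for 256 bits:", chars_needed(256, RANDOM_BITS))
    print("English chars for 256 bits:", chars_needed(256, ENGLISH_BITS))
    print("bits from random capitals only:",
          distortion_bits(PHRASE, use_leet=False))
    print("bits from random capitals plus substitutions:",
          round(distortion_bits(PHRASE), 1))
```

Random capitalization alone adds 36 bits to this sentence rather than one bit for each of its characters, because spaces and punctuation have no second form.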

From owner-linux-crypto@nl.linux.org Sun Jul  8 02:35:45 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S17497AbRGHAf3>; Sun, 8 Jul 2001 02:35:29 +0200
Received: from nationalcontractors.com ([207.173.117.117]:30724 "EHLO
	nationalcontractors.com") by humbolt.nl.linux.org with ESMTP
	id <S17499AbRGHAfN>; Sun, 8 Jul 2001 02:35:13 +0200
Received: from w2kpro01 (ppp-206-170-210-194.lsan03.pacbell.net [206.170.210.194])
	by nationalcontractors.com (8.9.3/8.9.3) with SMTP id RAA14217;
	Sat, 7 Jul 2001 17:39:36 -0700 (MST)
	(envelope-from stuart@bh90210.net)
Reply-To: <stuart@bh90210.net>
From:	"IT3 Stuart B. Tener, USNR-R" <stuart@bh90210.net>
To:	"Adam Warner" <lists@consulting.net.nz>,
	<linux-crypto@nl.linux.org>
Subject: RE: Using Crypto under LM8+2.4.6
Date:	Sat, 7 Jul 2001 17:35:00 -0700
Message-ID: <NBBBJHKIOKPKOGOEPEDPIEDCDLAA.stuart@bh90210.net>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
In-Reply-To: <994551457.645.0.camel@work>
Importance: Normal
Disposition-Notification-To: "IT3 Stuart B. Tener, USNR-R" <stuart@bh90210.net>
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

Mr. Warner, et al.:

	Well, I believe so. However, later tonight I will try to post a copy of my
".config" so you can review it. Which FAQ are you speaking of? If you mean
the one that comes with the documentation for the patch, I have read it
"FAQ.txt" or whatever it is called.

	From a "newbies" point of view, why can we implement any of the following
ideas?

Does the crypto package work in connection with the encryption of passwords
stored in /etc/passwd at all? If not, is such functionality planned?

In order to address the ability to simplify the installation of
cryptographic technology into the Linux kernel, and exact a more integrated
cooperative functionality between cryptographic technology and the areas
within the Linux kernel where it could be leveraged, I am curious why the
skeleton of the cryptographic technology is not integrated into the main
("non International kernel"), and thus only forcing the addition of
encryption modules for encryption be usable.

	Let me explain further.....

	We have to patch "mount" and "unmount", why? Why not place the code for
doing the cryptographic work permanently into those programs, and supply
(with the "non International Kernel") dummy encryption modules which simply
return the text they were passed, thus doing no work. Then in order to add
cryptographic ability to a particular release, all that would be necessary
was to replace the dummy modules with real working ones?

	Just an idea.....


Very Respectfully,

Stuart Blake Tener, IT3, USNR-R, N3GWG
VTU 1904G (Volunteer Training Unit)
stuart@bh90210.net
west coast: (310)-358-0202 P.O. Box 16043, Beverly Hills, CA 90209-2043
east coast: (215)-338-6005 P.O. Box 45859, Philadelphia, PA 19149-5859

Telecopier: (419)-715-6073 fax to email gateway via www.efax.com (it's
free!)

JOIN THE US NAVY RESERVE, SERVE YOUR COUNTRY, AND BENEFIT FROM IT ALL.

Saturday, July 07, 2001 5:21 PM


Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

From owner-linux-crypto@nl.linux.org Sun Jul  8 02:37:46 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S17503AbRGHAfA>; Sun, 8 Jul 2001 02:35:00 +0200
Received: from nationalcontractors.com ([207.173.117.117]:29956 "EHLO
	nationalcontractors.com") by humbolt.nl.linux.org with ESMTP
	id <S17499AbRGHAev>; Sun, 8 Jul 2001 02:34:51 +0200
Received: from w2kpro01 (ppp-206-170-210-194.lsan03.pacbell.net [206.170.210.194])
	by nationalcontractors.com (8.9.3/8.9.3) with SMTP id RAA14213;
	Sat, 7 Jul 2001 17:39:11 -0700 (MST)
	(envelope-from stuart@bh90210.net)
Reply-To: <stuart@bh90210.net>
From:	"IT3 Stuart B. Tener, USNR-R" <stuart@bh90210.net>
To:	<srn@fn.com.au>
Cc:	"peter k." <spam-goes-to-dev-null@gmx.net>,
	"Michael H. Warfield" <mhw@wittsend.com>,
	"Jari Ruusu" <jari.ruusu@pp.inet.fi>, <linux-crypto@nl.linux.org>
Subject: RE: Announce loop-AES-v1.3b file crypto package
Date:	Sat, 7 Jul 2001 17:34:34 -0700
Message-ID: <NBBBJHKIOKPKOGOEPEDPEEDCDLAA.stuart@bh90210.net>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
In-Reply-To: <20010708103151.H1225@chinstrap.nsw.bigpond.net.au>
Importance: Normal
Disposition-Notification-To: "IT3 Stuart B. Tener, USNR-R" <stuart@bh90210.net>
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

Mr. Norris, et al.:

	I claim the first amendment rights (a reference to the US constitution for
foreign nationals) of a newbie, to have no clear idea of exactly what is
best for my own good!

	That being said, and with all this clearly exact knowledge with regard to
pass phrases, what is the link to the pass phrase FAQ? Perhaps that will get
me more grounded in what is best.


Very Respectfully,

Stuart Blake Tener, IT3, USNR-R, N3GWG
VTU 1904G (Volunteer Training Unit)
stuart@bh90210.net
west coast: (310)-358-0202 P.O. Box 16043, Beverly Hills, CA 90209-2043
east coast: (215)-338-6005 P.O. Box 45859, Philadelphia, PA 19149-5859

Telecopier: (419)-715-6073 fax to email gateway via www.efax.com (it's
free!)

JOIN THE US NAVY RESERVE, SERVE YOUR COUNTRY, AND BENEFIT FROM IT ALL.

Saturday, July 07, 2001 5:31 PM



Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

From owner-linux-crypto@nl.linux.org Sun Jul  8 02:53:12 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S17509AbRGHAvc>; Sun, 8 Jul 2001 02:51:32 +0200
Received: from ns.guardiandigital.com ([209.11.107.5]:7443 "EHLO
	juggernaut.dmz.guardiandigital.com") by humbolt.nl.linux.org
	with ESMTP id <S17501AbRGHAvU>; Sun, 8 Jul 2001 02:51:20 +0200
Received: from orion.dmz.guardiandigital.com (orion.dmz.guardiandigital.com [209.11.107.30])
	by juggernaut.dmz.guardiandigital.com (Postfix) with ESMTP
	id 7A13811D302; Sat,  7 Jul 2001 20:50:26 -0400 (EDT)
Received: from mastermind.inside.guardiandigital.com (smtp.inside.guardiandigital.com [192.168.1.100])
	by orion.dmz.guardiandigital.com (8.9.3/8.9.3) with ESMTP id UAA25641;
	Sat, 7 Jul 2001 20:50:26 -0400
Received: from guardiandigital.com (dave.inside.guardiandigital.com [192.168.1.206])
	by mastermind.inside.guardiandigital.com (8.9.3/8.9.3) with ESMTP id UAA01501;
	Sat, 7 Jul 2001 20:50:26 -0400
Message-ID: <3B47AE52.DB277919@guardiandigital.com>
Date:	Sat, 07 Jul 2001 20:50:26 -0400
From:	Dave Wreski <dave@guardiandigital.com>
X-Mailer: Mozilla 4.77 [en] (X11; U; Linux 2.4.3-ac3 i686)
X-Accept-Language: en, x-ns1SHJth8A1Nh5, x-ns2U0e0btwUq5f
MIME-Version: 1.0
To:	stuart@bh90210.net
Cc:	linux-crypto@nl.linux.org
Subject: Re: Announce loop-AES-v1.3b file crypto package
References: <NBBBJHKIOKPKOGOEPEDPEEDCDLAA.stuart@bh90210.net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

>         That being said, and with all this clearly exact knowledge with regard to
> pass phrases, what is the link to the pass phrase FAQ? Perhaps that will get
> me more grounded in what is best.

The passphrase FAQ: (from alt.security or alt.pgp some years ago, I
believe)

http://www.linuxsecurity.com/resource_files/cryptography/passphrase-faq.html

Dave

--
Dave Wreski
Corporate Manager                           Guardian Digital, Inc.
(201) 934-9230                Pioneering.  Open Source.  Security.
dave@guardiandigital.com            http://www.guardiandigital.com

Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

From owner-linux-crypto@nl.linux.org Sun Jul  8 03:01:54 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S17511AbRGHBAf>; Sun, 8 Jul 2001 03:00:35 +0200
Received: from nationalcontractors.com ([207.173.117.117]:32772 "EHLO
	nationalcontractors.com") by humbolt.nl.linux.org with ESMTP
	id <S17502AbRGHBAQ>; Sun, 8 Jul 2001 03:00:16 +0200
Received: from w2kpro01 (ppp-206-170-210-194.lsan03.pacbell.net [206.170.210.194])
	by nationalcontractors.com (8.9.3/8.9.3) with SMTP id SAA14354;
	Sat, 7 Jul 2001 18:04:39 -0700 (MST)
	(envelope-from stuart@bh90210.net)
Reply-To: <stuart@bh90210.net>
From:	"IT3 Stuart B. Tener, USNR-R" <stuart@bh90210.net>
To:	"Dave Wreski" <dave@guardiandigital.com>
Cc:	<linux-crypto@nl.linux.org>
Subject: RE: Announce loop-AES-v1.3b file crypto package
Date:	Sat, 7 Jul 2001 18:00:03 -0700
Message-ID: <NBBBJHKIOKPKOGOEPEDPOEDDDLAA.stuart@bh90210.net>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
In-Reply-To: <3B47AE52.DB277919@guardiandigital.com>
Importance: Normal
Disposition-Notification-To: "IT3 Stuart B. Tener, USNR-R" <stuart@bh90210.net>
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

Dear Sir:

	Do you know if there is a PDF version of this FAQ?


Very Respectfully,

Stuart Blake Tener, IT3, USNR-R, N3GWG
VTU 1904G (Volunteer Training Unit)
stuart@bh90210.net
west coast: (310)-358-0202 P.O. Box 16043, Beverly Hills, CA 90209-2043
east coast: (215)-338-6005 P.O. Box 45859, Philadelphia, PA 19149-5859

Telecopier: (419)-715-6073 fax to email gateway via www.efax.com (it's
free!)

JOIN THE US NAVY RESERVE, SERVE YOUR COUNTRY, AND BENEFIT FROM IT ALL.

Saturday, July 07, 2001 5:59 PM



Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

From owner-linux-crypto@nl.linux.org Sun Jul  8 03:11:49 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S17502AbRGHBJI>; Sun, 8 Jul 2001 03:09:08 +0200
Received: from ns.guardiandigital.com ([209.11.107.5]:11539 "EHLO
	juggernaut.dmz.guardiandigital.com") by humbolt.nl.linux.org
	with ESMTP id <S17513AbRGHBI7>; Sun, 8 Jul 2001 03:08:59 +0200
Received: from orion.dmz.guardiandigital.com (orion.dmz.guardiandigital.com [209.11.107.30])
	by juggernaut.dmz.guardiandigital.com (Postfix) with ESMTP
	id 4E31111D302; Sat,  7 Jul 2001 21:08:58 -0400 (EDT)
Received: from mastermind.inside.guardiandigital.com (smtp.inside.guardiandigital.com [192.168.1.100])
	by orion.dmz.guardiandigital.com (8.9.3/8.9.3) with ESMTP id VAA25698;
	Sat, 7 Jul 2001 21:08:58 -0400
Received: from guardiandigital.com (dave.inside.guardiandigital.com [192.168.1.206])
	by mastermind.inside.guardiandigital.com (8.9.3/8.9.3) with ESMTP id VAA01563;
	Sat, 7 Jul 2001 21:08:58 -0400
Message-ID: <3B47B2AA.112188AD@guardiandigital.com>
Date:	Sat, 07 Jul 2001 21:08:58 -0400
From:	Dave Wreski <dave@guardiandigital.com>
X-Mailer: Mozilla 4.77 [en] (X11; U; Linux 2.4.3-ac3 i686)
X-Accept-Language: en, x-ns1SHJth8A1Nh5, x-ns2U0e0btwUq5f
MIME-Version: 1.0
To:	stuart@bh90210.net
Cc:	linux-crypto@nl.linux.org
Subject: Re: Announce loop-AES-v1.3b file crypto package
References: <NBBBJHKIOKPKOGOEPEDPOEDDDLAA.stuart@bh90210.net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

"IT3 Stuart B. Tener, USNR-R" wrote:
> 
> Dear Sir:
> 
>         Do you know if there is a PDF version of this FAQ?

It may not be the prettiest, but a little html2ps and ps2pdf works
wonders sometimes:

http://www.linuxsecurity.com/resource_files/cryptography/passphrase-faq.pdf

Regards,
Dave

--
Dave Wreski
Corporate Manager                           Guardian Digital, Inc.
(201) 934-9230                Pioneering.  Open Source.  Security.
dave@guardiandigital.com            http://www.guardiandigital.com

Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

From owner-linux-crypto@nl.linux.org Sun Jul  8 03:33:07 2001
Received: (root@humbolt.nl.linux.org) by humbolt.nl.linux.org
	id <S17527AbRGHBbe>; Sun, 8 Jul 2001 03:31:34 +0200
Received: from mail.win.co.nz ([210.55.230.193]:63760 "EHLO mail.win.co.nz")
	by humbolt.nl.linux.org with ESMTP id <S17528AbRGHBbZ>;
	Sun, 8 Jul 2001 03:31:25 +0200
Received: from work (unknown [210.55.104.94])
	by mail.win.co.nz (Postfix) with ESMTP id 1B6CF5380B7
	for <linux-crypto@nl.linux.org>; Sun,  8 Jul 2001 13:31:08 +1200 (NZST)
Subject: RE: Using Crypto under LM8+2.4.6
From:	Adam Warner <lists@consulting.net.nz>
To:	linux-crypto@nl.linux.org
In-Reply-To: <NBBBJHKIOKPKOGOEPEDPIEDCDLAA.stuart@bh90210.net>
References: <NBBBJHKIOKPKOGOEPEDPIEDCDLAA.stuart@bh90210.net>
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
X-Mailer: Evolution/0.10.99 (Preview Release)
Date:	08 Jul 2001 13:32:14 +1200
Message-Id: <994555935.2207.1.camel@work>
Mime-Version: 1.0
Sender:	owner-linux-crypto@nl.linux.org
Precedence: bulk
Return-Path: <owner-linux-crypto@nl.linux.org>
X-Envelope-To: <"| /bin/marchive -a -m -f /home/majordomo/public_html/linux-crypto/folders/linux-crypto"> (uid 0)
X-Orcpt: rfc822;linux-crypto-list

On 07 Jul 2001 17:35:00 -0700, IT3 Stuart B. Tener, USNR-R wrote:
> Mr. Warner, et al.:
> 
> 	Well, I believe so. However, later tonight I will try to post a copy of my
> ".config" so you can review it. Which FAQ are you speaking of? If you mean
> the one that comes with the documentation for the patch, I have read it
> "FAQ.txt" or whatever it is called.

Stuart, I probably won't be reviewing it. You have to take the time to
read through the new menu options when you are compiling a new kernel. I
like using the menuconfig interface (make menuconfig in /usr/src/linux).
BTW I said "HOWTO" (by Marc Mutz):
http://encryptionhowto.sourceforge.net/

Just remember it was written from the perspective of the 2.2 kernel.

> 	From a "newbies" point of view, why can we implement any of the following
> ideas?
> 
> Does the crypto package work in connection with the encryption of passwords
> stored in /etc/passwd at all? If not, is such functionality planned?

The whole point of encryption is that it hopefully keeps data safe when
people _bypass_ the operating system authentication controls (e.g. by
having physical access to your computer). If you care enough about your
data to encrypt it you don't want the operating sy