What about 20 characters?
Posted Jan 23, 2004 11:27 UTC (Fri) by paulsheer
Parent article: A weak cryptoloop implementation in Linux?
When you run losetup, it does not let you proceed unless
the password is more than 20 characters:
/sbin/losetup -e AES128 /dev/loop0 FILE
Error: Password string must be at least 20 characters.
20 ascii characters is a 130 bit key.
if they are lower case only, and composed of whole
words (and, say, there are 10000 words to choose from)
then we have (10000^5) ~= 66 bits.
- this is a worst case, but long enough to be secure IMO.
My question is: was the loopback device ever MEANT to
be secure against a chosen plaintext attack? Surely not.
I believe it should be dead obvious to users
that a long key is essential because there is
no protocol protection.
Further the other vulnerabilities should
also be obvious: key snooping + memory snooping
during setup, etc. these are all *obvious* attacks that
the user ought to be aware of. Also you can't really be
protected against such attacks within the scope of what
such software is trying to provide.
the loopback device is possibly the best way of securing
your data because its simple and clean and basically as
as secure the block cipher you are using.
to post comments)