Re: DCPP
- From: Volker Birk <bumens@xxxxxxxxxxx>
- Date: 25 Jan 2007 11:42:40 +0100
Sebastian Gottschalk <seppi@xxxxxxxxx> wrote:
Just encrypt something with DriveCrypt and run a program with high memory
consumption in parallel. Most likely, the plain encryption key will end up
in your swap file.
Nice. But not significant, because no-one will handle this like that.
Unfortunately, SecureStar only have advertizing nonsense about theirNah, the 1344 bit aren't nonesense. It's Triple-BlowFish, even though it
product DriveCrypt on their website:
| 1344 Bit Military Strength disk encryption using the best and most
| proven cryptographic algorithms such as AES, Blowfish, Tea 16, Tea 32,
| Des, Triple Des, Misty 1 and Square.
Nonsense.
would have an effective security of 896 bits at best.
There is no "Triple-BlowFish" in the text above, so the text remains
nonsense. And: more than 256bit with a secure block cypher is nonsense, too.
And at least AES, BlowFish, 3DES and Square are best proven. The rest is
trivially broken.
Nonsense, yes. Even DES is mentioned.
But advertizing nonsense is very common, and maybe this product is goodNo, see the snake-oil FAQ. If you can't assume that a cryptographic
nevertheless.
software is fully trustworthy in any aspect, it should be considered
useless.
I disagree. The advertizing is nonsense, accepted. And this does not
improve my trust into this company. But you're claiming, that the
encryption can be trivially broken, so please offer proofs for that
claim.
Yours,
VB.
--
"Pornography is an abstract phenomenon. It cannot exist without a medium
to propagate it, and it has very little (if anything at all) to do with sex."
Tina Lorenz
<https://events.congress.ccc.de/congress/2006/Fahrplan/events/1422.en.html>
.
- Prev by Date: Re: DCPP
- Next by Date: two factor authentication Implementation
- Previous by thread: Re: DCPP
- Next by thread: Re: DCPP
- Index(es):
Relevant Pages
|
|
