On Wednesday, 20 September 2023 05:19:18 BST Dale wrote:
> Michael wrote:
> > On Tuesday, 19 September 2023 06:36:13 BST Dale wrote:
> >> Heck, a link to some good info on that would be good. :-)
> >
> > https://gitlab.com/cryptsetup/cryptsetup/-/blob/main/FAQ.md
> >
> > https://gitlab.com/cryptsetup/cryptsetup/wikis/LUKS-standard/on-disk-format.pdf
> >
> > https://wiki.archlinux.org/title/Data-at-rest_encryption
>
> Oops. Should have sent this in other message.
>
> Interesting links. Some of the info I'm clueless. I don't know some of
> the terms and what they mean. Some of it I get tho. Basically, despite
> people wanting to encrypt to protect data, some powerful entities can
> still crack it no matter how good the password or phrase is. It seems
> encryption done 'on the fly' I think is the phrase they use is just very
> hard to do without some serious CPU power or other tools. Am I getting it?

Security can be compromised because people use easy to guess passwords, or by using side-channel attack methods. As Snowden mentioned, if you rely on a low entropy device, e.g. a mobile phone, on which the base frequency can also be compromised, then that could be the weakest link for an attack. Not to mention keyloggers and various MITM attacks, which on phones at least are rumoured to be the way to compromise a device. Cracking algos and ciphers is computationally more expensive, performed offline and probably the last resort.

That said, if you assume state actors are at least 10 years ahead of you in terms of technological solutions and resources, you'd be in the right ballpark.

> I have a question tho. Can a person use a password/pass phrase that is
> like this: 'This is a stupid pass phrase.' Does it accept that even
> with spaces? I know file names can have spaces for a long while now but
> way back, you couldn't do that easily. One had to use dashes or
> underscores. Using spaces could open a few options.

Generally speaking space characters are a poor choice for randomness. I recall seeing some documentary about the Enigma machine used by the German military during the 2nd WW. To minimise attempts to brute force the ciphertext, they started by identifying which letter(s) were most frequently used in the German language - e.g. the letter "e", then the second most frequent letter and so on. This statistical analysis approach in combination with likely message content reduced the number of guesses.

In principle, a repeated space character in your passphrase could help reduce the computational burden of an offline brute force attack, by e.g. helping an attacker to identify the number of individual words in a passphrase. All these passphrases and whatever other private info you pasted into different websites could also be harvested and used to determine some statistical pattern in your selected passphrases.

However, different ciphers and stronger keys guard against easy cracking by brute force.