On Fri, May 6, 2011 at 15:08, Brian <a...@cityscape.co.uk> wrote: > On Fri 06 May 2011 at 13:48:23 +0300, Dotan Cohen wrote: > >> However, keys are good to prevent brute-force attacks. Think of it >> like a 256-character password using the entire ASCII field. Also, keys >> are not susceptible to keyloggers. > > I'm unsure whether you mean 'prevent' because neither keys nor passwords > can stop brute forcing attempts. If you mean a key (256 characters) is > stronger than a password (20 characters) I'd agree. But the key is no > more secure than the password. Not unless the attacker has considerably > more than the allotted three score years and ten to look forward to. > George may be past caring by then, though. >
Agreed, a strong password is good enough to prevent a brute force attack for all practical purposes. > Keyloggers would get the key passphrase too. Useless without the key itself. > And the USB stick would > have its contents pilfered. Agreed. > So, keys don't appear to give any advantage > over passwords on an untrusted machine. > Agreed that for purposes of saying "nothing was taken" then the key gives not advantage. However, if the machine is only pilfering USB contents (unlikely) or only has a keylogger (actually very likely) then using a key will mitigate. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/banlktin0nvnl70zynrgvfqs2n1hijx+...@mail.gmail.com