On Tue, Jan 18, 2011 at 08:10:40AM -0800, Chip Camden wrote: > It seems prudent to me to reduce the attack surface to that which really > needs to be defended -- "When you defend everything, you defend nothing". > Not to mention avoiding the overhead of encrypting OS files.
Indeed. > What do you folks think of the relative merits of AES vs Blowfish for > disk encryption? Neither have been broken with their complete number of rounds. Versions of both can be broken with a reduced number of rounds. See http://www.schneier.com/paper-blowfish-oneyear.html for some analysis of blowfish, and e.g. http://www.schneier.com/paper-rijndael.html for several attacks on Rijndael with reduced rounds. It looks like both are viable choices today. Certainly good enough to protect your data in case of hardware theft. No encryption method is secure against lead-pipe cryptanalysis. [http://www.schlockmercenary.com/2009-10-19] :-) But it seems like a safe bet that there will be more effort spent on breaking AES/Rijndael. Roland -- R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)
pgpNiIKaFRSNn.pgp
Description: PGP signature