7v5w7go9ub0o <[EMAIL PROTECTED]> at Friday 27 June 2008, 05:41:15 > Chris Walters wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA512 > > > > Sorry if this subject has been hashed and rehashed again, but I was > > wondering > > which Gentoo partition encryption scheme is considered the best, in > > terms of: > > > > 1. Security > > "....Another thing: If I remember correctly, LUKS keeps the actual key > on the encrypted disk, itself encrypted with a passphrase. Naturally > this means that an attacker only has to break the passphrase, which gets > him the key"
Naturally ... if the user wants to use passphrases, the key needs to be
related to the passphrase somehow, whether by it being derived from the
passphrase through hashing or it being encrypted with a second key, that is
derived from the passphrase.
But a decent hard disk encrpytion system should be able to store the key
file on a USB stick or on a smart card. Beside a increased security,
because there is weak passphrase, it provides increased comfort: You don't
have to enter a silly passphrase on every boot ;)
--
Freedom is always the freedom of dissenters.
(Rosa Luxemburg)
signature.asc
Description: This is a digitally signed message part.
