-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 21.06.2016 23:54, Arqwer wrote: > How "quick" any of available super PCs (10,649,60 cores, 125,435. TFLOP/S >> ) can find the password (e.g 8-16 chars) encrypted with Qubes default >> settings cryptsetup? >> > > Encryption is the hardest part of chain. If the passphrase is long > enough.If password is 16 random lowercase and uppercasr letters, then it > is 52^16 combinations, it is about 10^27. If you can crack 100 Peta > passwords/S, then it will take 10^(27-17) = 10^(10) seconds to brute the > password, which is 316 years. (Really expectation is half of it, so 158 > years on average). Of course, if those letters are not "Password12345678". > > How can we improve security to prevent this? > > > If 316 years is not enough, than you can add one more character, to make > it 16 thousands of years!
Most of those projections about how many years brute forcing a passphrase with that many bits of entropy may take completely ignore one key aspect, especially when you are talking about hundreds of years and that is technical advance and Moore's law. So to be realistic, you would need to take that into consideration. Refer to: * https://crypto.stackexchange.com/questions/1815/how-to-account-for-moores-law-in - -estimating-time-to-crack - -- Live long and prosper Robin `ypid` Schneider -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJXabyzAAoJEIb9mAu/GkD4DhQP/iru7NGtTJ6gVdsdnYlZfLx1 6uTWhX0mwwOYw1TMV4wGC9uW2NDGsiVXHHEJSXpdeLvMwZYdZGfKxu8vv8SRpUQc SZYI38gybmYn4+wg/fp4oU6cDaHqJ2eh+oOh1YUZhnewOM/jcUMD7kK+sVFcP0Sr koagcIuEXFC0nRnwZsSMtcfr1DQ3x/rJHQuBwdfQLpKyK6gDOVJEqQ5K1kh0Q2w+ yUEcMVtJiMdFkYyTFu7/pcuVv4Xgssiw+8eUt7tsr8QO5Sqczhr0oxlN3d8EwEeX 2H8poeBIPJ1v++xqiFuglxA2NkS3pi/y5VMWqs4rI8phazSvgPhkcZJ7NOsNpo6k NkOFZHccwdRAq9KVq8M6OGcFk6ulSU6Y1SayHxkNM9zQ8ofJ4IBoJ4b+zAwcKta6 nPidNlPjhATD1BY0G1wO61TtfCqYqHuEdENvxko+Q2OXuNqaNREs+9+xdQrcwTuJ hCy+YMC5wS1W25Le4f8Q0oNQrhMiLM92/YNz+tW8JzmLLU1LdzbM4Dz9Kf3aGrqV Fi0FSj4MdRLzD9lLiZ6zUXpCpfYGlACyP2j58mssa5jLyKqHvEiMt1cSiOAoE16O Lqxr0D8/M/O4Zx7o9NuQWi86stKK39x1xzbzOTCo0zjK+zwd8L5LspbVZpmW8AQW q5t6CA096mCC45lflC4F =0UJ1 -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to firstname.lastname@example.org. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a69beae4-41e8-6f5b-9cce-b56916e1c6a3%40riseup.net. For more options, visit https://groups.google.com/d/optout.