Re: TrueCrypt cracking in the future...Tech Discussion...
On Tue, 1 Feb 2011 01:47:21 -0500, DasFox wrote:
> I hear calculations of so many million years before a 64 character
> password will be brute-forced on TrueCrypt...
>
> I DOUBT...
>
> BUT I thought that works on a (unlikely) assumption that computer
> power will stay the same level it is now...
>
> For instance, in the past 100 years, there has been an EXPLOSION in
> TECH...
>
> IF the same happens this century, TrueCrypt files will be busted...
>
> Quantum computer can crack a 64 character TrueCrypt container, it
> actually take merely seconds, or still time-consuming but easier?
>
> THANKS
There are research papers that describe how many bits you need to add
to your keys to remain strong over time taking into consideration
Moore's Law, computational advancements, CYBERCOMM/NSA collusions
(colliding?)etc. Here's a good one with many respected names on it:
I use 256 character base64 and 40 character hexadecimal encoded SHA1
sums generated from sentences for my passwords. IMO, these are good
for the foreseeable future. 64^280 is a darn big number as is 16^40.
Here's the program (SHA1_Pass) that generates my passwords:
Re: TrueCrypt cracking in the future...Tech Discussion...
> The best a QC can do against something like AES is cut
> the keylength in half. Thus, AES-256 will be as hard to break for a
> QC as AES-128 is for classical computers.
AES-256 isnt "twice as strong" as AES-128, it's a hell of a lot stronger
than that ... you're forgetting the exponential.
Re: TrueCrypt cracking in the future...Tech Discussion...
On Tue, 1 Feb 2011 14:20:13 +0100 (CET), Nomen Nescio wrote:
>> On Tue, 1 Feb 2011 01:47:21 -0500, DasFox wrote:
>
>> I hear calculations of so many million years before a 64 character
>> password will be brute-forced on TrueCrypt...
>
>> I DOUBT...
>
>> BUT I thought that works on a (unlikely) assumption that computer
>> power will stay the same level it is now...
>
>> For instance, in the past 100 years, there has been an EXPLOSION in
>> TECH...
>
>> IF the same happens this century, TrueCrypt files will be busted...
>
>> Quantum computer can crack a 64 character TrueCrypt container, it
>> actually take merely seconds, or still time-consuming but easier?
>
>> THANKS
>
>> There are research papers that describe how many bits you need to add
>> to your keys to remain strong over time taking into consideration
>> Moore's Law, computational advancements, CYBERCOMM/NSA collusions
>> (colliding?)etc. Here's a good one with many respected names on it:
>
>> http://people.csail.mit.edu/rivest/bsa-final-report.ps
>
>> I use 256 character base64 and 40 character hexadecimal encoded SHA1
>> sums generated from sentences for my passwords. IMO, these are good
>> for the foreseeable future. 64^280 is a darn big number as is 16^40.
>
>> Here's the program (SHA1_Pass) that generates my passwords:
>
>> http://16s.us/sha1_pass/
>
>> Feel free to use it. Or abuse it freely. Pass on sha pass?
>
>> --
>> I want love and kisses and ponies in a field of ****ographic pleasure.
>> My favorite website ;0) www.platanalytics.com
>> Call/email the Owner Nancy Norelli 305.926.8245
>> nnorelli@platanalytics.com
>> http://uscybercomresistanceleague.co...nalcapability/
>
> The windows version doesn't seem to exist.
> http://16s.us/sha1_pass/downloads/Windows/
Cyber-smudge distorts your window? To Windows? Must conceal its
existence. ;)
Re: TrueCrypt cracking in the future...Tech Discussion...
On 11-02-01 12:47 AM, DasFox wrote:
> I hear calculations of so many million years before a 64 character
> password will be brute-forced on TrueCrypt...
>
> I DOUBT...
I find it remarkable how many people obsesses about the strongest part
of a system. The argument about 128 bit vs 256 bit AES or 4096 bit RSA
can be fun (the first few times), but are not about anything that
meaningfully affects security. Reducing the chance of a brute force
attack on a key from negligible to even more negligible no meaningful
impact.
Memorable pass phrases will always be weaker, and so any brute force
attack will go after those, not after some absurdly large 64-byte keys.
And here we really do have to worry about growth in computing power.
Adding iterations to things like PBKDF2 has a linear effect on time to
crack, not exponential (as in key length).
And now that so many people and organizations can buy access to really
fast processors (Amazon EC2 "GPU Clusters"), this is becoming more of a
real threat
Re: TrueCrypt cracking in the future...Tech Discussion...
On Tue, 01 Feb 2011 10:53:50 -0600, Jeffrey Goldberg wrote:
> On 11-02-01 12:47 AM, DasFox wrote:
>
>> I hear calculations of so many million years before a 64 character
>> password will be brute-forced on TrueCrypt...
>>
>> I DOUBT...
>
> I find it remarkable how many people obsesses about the strongest part
> of a system. The argument about 128 bit vs 256 bit AES or 4096 bit RSA
> can be fun (the first few times), but are not about anything that
> meaningfully affects security. Reducing the chance of a brute force
> attack on a key from negligible to even more negligible no meaningful
> impact.
>
> Memorable pass phrases will always be weaker, and so any brute force
> attack will go after those, not after some absurdly large 64-byte keys.
> And here we really do have to worry about growth in computing power.
> Adding iterations to things like PBKDF2 has a linear effect on time to
> crack, not exponential (as in key length).
>
> And now that so many people and organizations can buy access to really
> fast processors (Amazon EC2 "GPU Clusters"), this is becoming more of a
> real threat
>
> http://stacksmashing.net/2010/11/15/...gpu-instances/
>
> -j
Re: TrueCrypt cracking in the future...Tech Discussion...
On Tue, 1 Feb 2011 19:40:45 +0100 (CET), Nomen Nescio wrote:
>> On 11-02-01 12:47 AM, DasFox wrote:
>
>> I hear calculations of so many million years before a 64 character
>> password will be brute-forced on TrueCrypt...
>
>> I DOUBT...
>
>> I find it remarkable how many people obsesses about the strongest part of a system. The argument about 128 bit vs 256 bit AES or 4096 bit RSA can be fun (the first few times), but are not about anything that meaningfully affects security. Reducing the chance of a brute force attack on a key from negligible to even more negligible no meaningful impact.
>
>> Memorable pass phrases will always be weaker, and so any brute force attack will go after those, not after some absurdly large 64-byte keys. And here we really do have to worry about growth in computing power. Adding iterations to things like PBKDF2 has a linear effect on time to crack, not exponential (as in key length).
>
>> And now that so many people and organizations can buy access to really fast processors (Amazon EC2 "GPU Clusters"), this is becoming more of a real threat
>
>> http://stacksmashing.net/2010/11/15/...gpu-instances/
>
> Does this mean that we should have a 64 byte key for maximum
> security on TrueCrypt? I am thinking that doing a sha-256 on my
> password to generate a 64 byte password might be a good idea.
DID you NOT read what Jeffrey presented...?
DO...then get back...ALL NOOBS pay attention...
Do your OWN homework, DON't ask ???? when the Answers are right
there...
SHEESH...lazy-ASSED Noobs will NOT be tolerated...
Re: TrueCrypt cracking in the future...Tech Discussion...
DasFox wrote:
> I hear calculations of so many million years before a 64 character
> password will be brute-forced on TrueCrypt...
What a mess. 64 characters is plenty long, but DasFox has conflated
the issues of key length and pass-phrase quality, neither of which is
particular to TrueCrypt. In fact, TrueCrypt supports key files, and
can even read them from PKCS11 tokens, so it's not limited to deriving
keys from user pass-phrases.
Re: TrueCrypt cracking in the future...Tech Discussion...
On Tue, 1 Feb 2011 18:34:48 -0800 (PST), Bryan wrote:
> DasFox wrote:
>> I hear calculations of so many million years before a 64 character
>> password will be brute-forced on TrueCrypt...
>
> What a mess. 64 characters is plenty long,
Bryan has denied the obvious that a 128 character password can be more
SECURE...
He is attempting to INFLATE his fragile EGO....
BUT has erred in typing Tech without thinking FIRST...
Re: TrueCrypt cracking in the future...Tech Discussion...
DasFox <dasfox@hushmail.com> wrote in
news:iiat09$a75$1@news.mixmin.net:
> On Tue, 1 Feb 2011 18:34:48 -0800 (PST), Bryan wrote:
>
>> DasFox wrote:
>>> I hear calculations of so many million years before a 64
>>> character password will be brute-forced on TrueCrypt...
>>
>> What a mess. 64 characters is plenty long,
>
> Bryan has denied the obvious that a 128 character password
> can be more SECURE...
>
> He is attempting to INFLATE his fragile EGO....
>
> BUT has erred in typing Tech without thinking FIRST...
>
> THANKS
Jesus H. Christ you're a moron, Dasfox!
1) Truecrypt has a MAXIMUM password length of 64 characters, you
idiot.
2) Even with characters drawn from just the upper and lower case
alphabet (52 characters) a 64-character password has a potential
strength of 364+ bits, far more than the maximum underlying
strength (256 bits) of any of Truecrypt's encryption algorithms
(AES, etc.). 45 such characters is sufficient to match the
algorithm - anything more is utterly useless. Like you, you
ineffably dense twit.
You can't even secure your own network and you call yourself a
tech? PFFFT!
No, Dasfox, you're just an imbecile who believes that invoking
the word "tech" (capitalized yet!) somehow confers credibility
on your inane ramblings. Well, it doesn't! You're just an
ignorant savage trying to make juju by invoking a magic word.
Re: TrueCrypt cracking in the future...Tech Discussion...
On 11-02-02 12:18 AM, DasFox wrote:
> On Tue, 1 Feb 2011 18:34:48 -0800 (PST), Bryan wrote:
>> DasFox wrote:
>>> I hear calculations of so many million years before a 64 character
>>> password will be brute-forced on TrueCrypt...
>> What a mess. 64 characters is plenty long,
>
> Bryan has denied the obvious that a 128 character password can be more
> SECURE...
How? In what possible world does going from the already over-the-top 64
character password to a 128 character password add meaningful security
when the underlying encryption is 256-bits?
How could someone with the resources to crack a 64 character password
not already have the resources to attack a weaker part of the system?
-j
--
Jeffrey Goldberg http://goldmark.org/jeff/
I rarely read HTML or poorly quoting posts
Reply-To address is valid
Re: TrueCrypt cracking in the future...Tech Discussion...
On Wed, 02 Feb 2011 01:25:19 -0600, Jeffrey Goldberg wrote:
> On 11-02-02 12:18 AM, DasFox wrote:
>> On Tue, 1 Feb 2011 18:34:48 -0800 (PST), Bryan wrote:
>
>>> DasFox wrote:
>>>> I hear calculations of so many million years before a 64 character
>>>> password will be brute-forced on TrueCrypt...
>
>>> What a mess. 64 characters is plenty long,
>>
>> Bryan has denied the obvious that a 128 character password can be more
>> SECURE...
>
> How? In what possible world does going from the already over-the-top 64
> character password to a 128 character password add meaningful security
> when the underlying encryption is 256-bits?
ASK Bryan...but you CAN'T because he snipped my post...
Just to make him not LIABLE.
Disingenous...
> How could someone with the resources to crack a 64 character password
> not already have the resources to attack a weaker part of the system?
>
> -j
Re: TrueCrypt cracking in the future...Tech Discussion...
In article <iib1bu$gi1$1@news.mixmin.net>, DasFox <dasfox@hushmail.com>
wrote:
> Disingenous...
>
> > How could someone with the resources to crack a 64 character password
> > not already have the resources to attack a weaker part of the system?
> >
> > -j
>
> EXACTLY...this is Tech I know...
>
Spelling, not so much.
--
Next year in Sarajevo ...
Re: TrueCrypt cracking in the future...Tech Discussion...
On Wed, 2 Feb 2011 13:09:06 +0100 (CET), Anne Onime wrote:
> On 2/1/2011 11:33 PM, DasFox wrote:
>> On Wed, 02 Feb 2011 01:25:19 -0600, Jeffrey Goldberg wrote:
>>
>>> On 11-02-02 12:18 AM, DasFox wrote:
>>>> On Tue, 1 Feb 2011 18:34:48 -0800 (PST), Bryan wrote:
>>>
>>>>> DasFox wrote:
>>>>>> I hear calculations of so many million years before a 64 character
>>>>>> password will be brute-forced on TrueCrypt...
>>>
>>>>> What a mess. 64 characters is plenty long,
>>>>
>>>> Bryan has denied the obvious that a 128 character password can be more
>>>> SECURE...
>>>
>>> How? In what possible world does going from the already over-the-top 64
>>> character password to a 128 character password add meaningful security
>>> when the underlying encryption is 256-bits?
>>
>> ASK Bryan...but you CAN'T because he snipped my post...
>>
>> Just to make him not LIABLE.
>>
>> Disingenous...
>
> You cannot spell.
YOU make love to dogs...
>You are too lazy,too whacked out on dope, or too incompetent employ a spellchecker.
CATS ignore you...
> You are unable to craft a complete sentence.
Kraft cheese is coming out your ***...
> Your news client is still broken.
I don't use a news client...LOL
> And you whine that you are "TECH."
Tech here agrees your not one...
> You are a pathetic half-wit.
Your sister did not inherit your Mother's fellatiotorial skills...
Re: TrueCrypt cracking in the future...Tech Discussion...
On 2/2/2011 8:50 AM, DasFox wrote:
> On Wed, 2 Feb 2011 13:09:06 +0100 (CET), Anne Onime wrote:
>
>> On 2/1/2011 11:33 PM, DasFox wrote:
>>> On Wed, 02 Feb 2011 01:25:19 -0600, Jeffrey Goldberg wrote:
>>>
>>>> On 11-02-02 12:18 AM, DasFox wrote:
>>>>> On Tue, 1 Feb 2011 18:34:48 -0800 (PST), Bryan wrote:
>>>>
>>>>>> DasFox wrote:
>>>>>>> I hear calculations of so many million years before a 64 character
>>>>>>> password will be brute-forced on TrueCrypt...
>>>>
>>>>>> What a mess. 64 characters is plenty long,
>>>>>
>>>>> Bryan has denied the obvious that a 128 character password can be more
>>>>> SECURE...
>>>>
>>>> How? In what possible world does going from the already over-the-top 64
>>>> character password to a 128 character password add meaningful security
>>>> when the underlying encryption is 256-bits?
>>>
>>> ASK Bryan...but you CAN'T because he snipped my post...
>>>
>>> Just to make him not LIABLE.
>>>
>>> Disingenous...
>>
>> You cannot spell.
>
> YOU make love to dogs...
>
>> You are too lazy,too whacked out on dope, or too incompetent employ a spellchecker.
>
> CATS ignore you...
>
>> You are unable to craft a complete sentence.
>
> Kraft cheese is coming out your ***...
>
>> Your news client is still broken.
>
> I don't use a news client...LOL
>
>> And you whine that you are "TECH."
>
> Tech here agrees your not one...
>
>> You are a pathetic half-wit.
>
> Your sister did not inherit your Mother's fellatiotorial skills...
Re: TrueCrypt cracking in the future...Tech Discussion...
On Thu, 3 Feb 2011 00:06:02 +0100 (CET), Nomen Nescio wrote:
> On 2/2/2011 8:50 AM, DasFox wrote:
>> On Wed, 2 Feb 2011 13:09:06 +0100 (CET), Anne Onime wrote:
>>
>>> On 2/1/2011 11:33 PM, DasFox wrote:
>>>> On Wed, 02 Feb 2011 01:25:19 -0600, Jeffrey Goldberg wrote:
>>>>
>>>>> On 11-02-02 12:18 AM, DasFox wrote:
>>>>>> On Tue, 1 Feb 2011 18:34:48 -0800 (PST), Bryan wrote:
>>>>>
>>>>>>> DasFox wrote:
>>>>>>>> I hear calculations of so many million years before a 64 character
>>>>>>>> password will be brute-forced on TrueCrypt...
>>>>>
>>>>>>> What a mess. 64 characters is plenty long,
>>>>>>
>>>>>> Bryan has denied the obvious that a 128 character password can be more
>>>>>> SECURE...
>>>>>
>>>>> How? In what possible world does going from the already over-the-top 64
>>>>> character password to a 128 character password add meaningful security
>>>>> when the underlying encryption is 256-bits?
>>>>
>>>> ASK Bryan...but you CAN'T because he snipped my post...
>>>>
>>>> Just to make him not LIABLE.
>>>>
>>>> Disingenous...
>>>
>>> You cannot spell.
>>
>> YOU make love to dogs...
>>
>>> You are too lazy,too whacked out on dope, or too incompetent employ a spellchecker.
>>
>> CATS ignore you...
>>
>>> You are unable to craft a complete sentence.
>>
>> Kraft cheese is coming out your ***...
>>
>>> Your news client is still broken.
>>
>> I don't use a news client...LOL
>>
>>> And you whine that you are "TECH."
>>
>> Tech here agrees your not one...
>>
>>> You are a pathetic half-wit.
>>
>> Your sister did not inherit your Mother's fellatiotorial skills...
>
> "fellatiotorial?"
Tell your Mother...
> That's not even a word.
>
> You are an illiterate dolt.
Re: TrueCrypt cracking in the future...Tech Discussion...
On 2/3/2011 10:52 AM, DasFox wrote:
> On Thu, 3 Feb 2011 00:06:02 +0100 (CET), Nomen Nescio wrote:
>
>> On 2/2/2011 8:50 AM, DasFox wrote:
>>> On Wed, 2 Feb 2011 13:09:06 +0100 (CET), Anne Onime wrote:
>>>
>>>> On 2/1/2011 11:33 PM, DasFox wrote:
>>>>> On Wed, 02 Feb 2011 01:25:19 -0600, Jeffrey Goldberg wrote:
>>>>>
>>>>>> On 11-02-02 12:18 AM, DasFox wrote:
>>>>>>> On Tue, 1 Feb 2011 18:34:48 -0800 (PST), Bryan wrote:
>>>>>>
>>>>>>>> DasFox wrote:
>>>>>>>>> I hear calculations of so many million years before a 64 character
>>>>>>>>> password will be brute-forced on TrueCrypt...
>>>>>>
>>>>>>>> What a mess. 64 characters is plenty long,
>>>>>>>
>>>>>>> Bryan has denied the obvious that a 128 character password can be more
>>>>>>> SECURE...
>>>>>>
>>>>>> How? In what possible world does going from the already over-the-top 64
>>>>>> character password to a 128 character password add meaningful security
>>>>>> when the underlying encryption is 256-bits?
>>>>>
>>>>> ASK Bryan...but you CAN'T because he snipped my post...
>>>>>
>>>>> Just to make him not LIABLE.
>>>>>
>>>>> Disingenous...
>>>>
>>>> You cannot spell.
>>>
>>> YOU make love to dogs...
>>>
>>>> You are too lazy,too whacked out on dope, or too incompetent employ a spellchecker.
>>>
>>> CATS ignore you...
>>>
>>>> You are unable to craft a complete sentence.
>>>
>>> Kraft cheese is coming out your ***...
>>>
>>>> Your news client is still broken.
>>>
>>> I don't use a news client...LOL
>>>
>>>> And you whine that you are "TECH."
>>>
>>> Tech here agrees your not one...
>>>
>>>> You are a pathetic half-wit.
>>>
>>> Your sister did not inherit your Mother's fellatiotorial skills...
>>
>> "fellatiotorial?"
>
> Tell your Mother...
>
>> That's not even a word.
>>
>> You are an illiterate dolt.
>
> "DOLT" not an American word...
That is because I'm not an American, you fool.
YOU are the very definition of a dolt, which you obviously know:
A dunce, an imbecile, a moron.
I'm still wondering where you got "fellatiotorial"
which isn't even a word at all. Pulled that one out of your *** like everything else you do.
By the way, Paul Wilders is not an American citizen.
Shall we throw him away to?
Re: TrueCrypt cracking in the future...Tech Discussion...
On Thu, 3 Feb 2011 21:37:05 +0100 (CET), Nomen Nescio wrote:
> On 2/3/2011 10:52 AM, DasFox wrote:
>> On Thu, 3 Feb 2011 00:06:02 +0100 (CET), Nomen Nescio wrote:
>>
>>> On 2/2/2011 8:50 AM, DasFox wrote:
>>>> On Wed, 2 Feb 2011 13:09:06 +0100 (CET), Anne Onime wrote:
>>>>
>>>>> On 2/1/2011 11:33 PM, DasFox wrote:
>>>>>> On Wed, 02 Feb 2011 01:25:19 -0600, Jeffrey Goldberg wrote:
>>>>>>
>>>>>>> On 11-02-02 12:18 AM, DasFox wrote:
>>>>>>>> On Tue, 1 Feb 2011 18:34:48 -0800 (PST), Bryan wrote:
>>>>>>>
>>>>>>>>> DasFox wrote:
>>>>>>>>>> I hear calculations of so many million years before a 64 character
>>>>>>>>>> password will be brute-forced on TrueCrypt...
>>>>>>>
>>>>>>>>> What a mess. 64 characters is plenty long,
>>>>>>>>
>>>>>>>> Bryan has denied the obvious that a 128 character password can be more
>>>>>>>> SECURE...
>>>>>>>
>>>>>>> How? In what possible world does going from the already over-the-top 64
>>>>>>> character password to a 128 character password add meaningful security
>>>>>>> when the underlying encryption is 256-bits?
>>>>>>
>>>>>> ASK Bryan...but you CAN'T because he snipped my post...
>>>>>>
>>>>>> Just to make him not LIABLE.
>>>>>>
>>>>>> Disingenous...
>>>>>
>>>>> You cannot spell.
>>>>
>>>> YOU make love to dogs...
>>>>
>>>>> You are too lazy,too whacked out on dope, or too incompetent employ a spellchecker.
>>>>
>>>> CATS ignore you...
>>>>
>>>>> You are unable to craft a complete sentence.
>>>>
>>>> Kraft cheese is coming out your ***...
>>>>
>>>>> Your news client is still broken.
>>>>
>>>> I don't use a news client...LOL
>>>>
>>>>> And you whine that you are "TECH."
>>>>
>>>> Tech here agrees your not one...
>>>>
>>>>> You are a pathetic half-wit.
>>>>
>>>> Your sister did not inherit your Mother's fellatiotorial skills...
>>>
>>> "fellatiotorial?"
>>
>> Tell your Mother...
>>
>>> That's not even a word.
>>>
>>> You are an illiterate dolt.
>>
>> "DOLT" not an American word...
>
> That is because I'm not an American, you fool.
NODUH...sux to be you...
> YOU are the very definition of a dolt, which you obviously know:
> A dunce, an imbecile, a moron.
>
> I'm still wondering where you got "fellatiotorial"
> which isn't even a word at all. Pulled that one out of your *** like everything else you do.
>
> By the way, Paul Wilders is not an American citizen.
TrueCrypt cracking in the future...Tech Discussion... 
Linear Mode
