Date: Mon, 24 Sep 2007 11:07:13 +0200 (CEST) From: Christian Baer <christian.baer@uni-dortmund.de> To: freebsd-geom@freebsd.org Subject: Re: Pipes password from kdialog to geli attach Message-ID: <fd7uo1$2mm5$1@nermal.rz1.convenimus.net> References: <200709222256.17692.yarodin@gmail.com> <fd5pk7$2hh1$1@nermal.rz1.convenimus.net> <15188.8009081178$1190592622@news.gmane.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 24 Sep 2007 00:49:46 +0100 RW wrote: >> Blowfish". Blowfish is much faster than AES, especially with these >> short keylengths. > > Is it? Blowfish is very fast when you use it to encrypt a whole file, > but it deliberately has a high initialization cost to prevent its speed > aiding a brute force attacks against beginning of the ciphertext. I know the problem with the brute force attack - although IMHO you'd probably break it open more quickly if you attacked the passphrase. I gave this suggestion in direct combination with a weak passphrase or password, if only mild security was needed; like keeping love letters safe from your wife/girlfriend. :-) The weaknesses of Blowfish are well known, that is why the Bruce Schneier brought out a new Cypher (Twofish) together with John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson. > Presumably geli encrypts a sector at a time, so it's not obvious > whether Blowfish is all that fast. Do you know of any Benchmarks for > Blowfish verses AES? There are several out there but although they distinguisch AES128 and AES256, there is only one Blowfish and judging from the speed, I'd say they used a keylength of 448 bits. With such a long key, Blowfish is actually slower than AES - even if you encrypt a large file with it. You're right, geli does encrypt sector by sector. But first of all, the sectors aren't 512 bytes in size, but more like 4096 bytes and second, it doesn't use a new key for every sector. I'm afraid I have no benchmarks for you that will satisfy scientific standards. Older Versions of Truecrypt[1] supported Blowfish (it was removed a while back) and also had a benchmark where Blowfish was always on top - and 3DES always on the bottom. :-) I played around with geli a fair while back, trying AES and Blowfish. On that machine (AMD Tbred 2000) Blowfish was always a lot faster when the key was no longer than 256 bits. I tried that extensively by moving files around (from a non-encrypted provider to an encrypted one). Please don't ask me about the numbers, as I was really only playing around. The installation of a crypto-cárd was always planned and these little buggers are optimized for AES. I'm not even sure if they do anything else. Regards, Chris [1] http://www.truecrypt.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?fd7uo1$2mm5$1>