Date: Tue, 4 Dec 2007 17:04:23 -0700 From: Chad Perrin <perrin@apotheon.com> To: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: GBDE and GELI security Message-ID: <20071205000423.GA78603@demeter.hydra>
next in thread | raw e-mail | index | archive | help
I've read reports to the effect that GBDE is vulnerable to online dictionary attacks unless two-factor authentication is used. The only such report I can find now is this discussion of NetBSD's CGD, where its author contrasts it with GBDE: http://www.onlamp.com/lpt/a/6384 Is this still the case? Are there any other security concerns related to GBDE's implementation that you might mention? How well does GELI stack up against GBDE? I was surprised to read that OpenBSD's svnd is vulnerable to *offline* dictionary attacks. Any comments on that? -- CCD CopyWrite Chad Perrin [ http://ccd.apotheon.org ] Sen. Dick Durbin, D-IL, to an RIAA executive: "Are you headed to junior high schools to round up the usual suspects?"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20071205000423.GA78603>