[liberationtech] CryptoParty Handbook

Maxim Kammerer mk at dee.su
Thu Oct 4 20:43:46 PDT 2012


On Fri, Oct 5, 2012 at 2:06 AM, Seth David Schoen <schoen at eff.org> wrote:
> NIST and others have thought about what appropriate cryptographic key lengths
> are to respond to the phenomenon of computers getting faster.  That's why
> current NIST recommendations call for using 2048-bit RSA instead of 1024-bit
> RSA -- not a quantum cryptosystem, just a stronger key length.

Recommended key lengths get larger mostly due to theoretic advances,
much less so due to computers getting faster. Cryptographic algorithms
are supposed to be resistant to brute force attacks for the
foreseeable future at the time of their design, when used with the
default key length.

> Some people see this concern as hypothetical, but it's pretty easy to
> test with loopback mounting.  I just made a 100 MB file, initialized it
> with zeroes, created an ext4 filesystem in it, and loopback mounted the
> filesystem.  Then I created several very large text files with repeating,
> easy-to-recognize contents, and then deleted the files with shred -u.
> It was still possible to find a small number of copies of the text file
> contents in the underlying storage file afterward -- probably because of
> data journaling in ext4.

Did anyone try this with devices that are supposed to be resistant to
file shredding due to wear leveling? I tried the following on two USB
keys, one ~12 years old, another ~6 years old, both formatted as
FAT32:

echo test_string_123 > x
for i in $(seq 20); do cat x x > x1; mv x1 x; done
cp x /media/... && sync
shred -u /media/... && sync
cp /dev/sd... image
LC_ALL=C grep -wc test_string_123 image

The result was 0 in both cases.

-- 
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
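
An added example, not part of the original message: the final grep step of the test above, extended to report where surviving copies sit in the image. `grep -c` counts matching lines, so on a raw image several copies between two newline bytes count once; this counts matches and the distinct blocks they fall in. The function names `scan_remnants` and `make_demo_image`, the 4096-byte default block size and the sample image are assumptions made for the example, and GNU grep is assumed for `-a -b -o`.

```shell
#!/bin/sh
# Added example, not from the original message.
# scan_remnants IMAGE MARKER [BLOCK_SIZE]
#   prints "<matches> <distinct_blocks> <first_offset> <last_offset>"
#   or "0 0 - -" when the marker does not occur in the image.
scan_remnants() {
    image=$1; marker=$2; bs=${3:-4096}
    # -a: read the binary image as text   -b: print the byte offset
    # -o: one output line per match       -F: marker is a fixed string
    LC_ALL=C grep -a -b -o -F -e "$marker" "$image" |
    awk -F: -v bs="$bs" '
        NR == 1 { first = $1 }
        { last = $1; blk = int($1 / bs)
          if (!(blk in seen)) { seen[blk] = 1; blocks++ } }
        END { if (NR == 0) print "0 0 - -"
              else print NR, blocks, first, last }'
}

# Constructed sample input: a 64 KiB zero-filled "image" with three planted
# copies of the marker, two of them in the same 4 KiB block and none of them
# followed by a newline.
make_demo_image() {
    img=$1; marker=$2
    dd if=/dev/zero of="$img" bs=1024 count=64 2>/dev/null
    for off in 100 200 40960; do
        printf '%s' "$marker" |
            dd of="$img" bs=1 seek="$off" conv=notrunc 2>/dev/null
    done
}
```

Run against the image copied from the device, a first and last offset near the start of the filesystem and a low block count point at metadata or journal areas rather than the old file body.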