From: Roland Smith
To: freebsd-questions@freebsd.org
Date: Wed, 19 Jan 2011 23:45:13 +0100
Subject: Re: harddrive encryption

On Tue, Jan 18, 2011 at 06:15:50PM +0100, Roland Smith wrote:
> > What do you folks think of the relative merits of AES vs Blowfish for
> > disk encryption?
>
> Neither have been broken with their complete number of rounds. Versions of
> both can be broken with a reduced number of rounds. See
> http://www.schneier.com/paper-blowfish-oneyear.html for some analysis of
> blowfish, and e.g. http://www.schneier.com/paper-rijndael.html for several
> attacks on Rijndael with reduced rounds.

It seems I have to correct myself here. According to a presentation by Colin
Percival [1] (slides [2]), blowfish is not safe because it uses a relatively
small block size (for compatibility with DES, IIRC), which makes it more
likely that you can get two identical blocks of (cypher)text in one message,
giving an attacker an avenue of attack.

His recommendation is to use AES. This is what geli(8) recommends as well.

[1]: http://blip.tv/file/3627639
[2]: http://www.bsdcan.org/2010/schedule/attachments/135_crypto1hr.pdf

Roland
-- 
R.F.Smith http://www.xs4all.nl/~rsmith/
[plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)
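
An added illustration, not part of the original message or the cited slides, of the block-size argument in the message above: the birthday bound for repeated ciphertext blocks with a 64-bit block (Blowfish) versus a 128-bit block (AES). It assumes ciphertext blocks under one key behave like uniform random values; the function names are chosen here for the example.

```python
import math
import random

def collision_probability(data_bytes, block_bits):
    """Birthday approximation of the chance that at least two ciphertext
    blocks under one key are identical. Assumption: blocks behave like
    uniform random block_bits-bit values."""
    n = data_bytes * 8 // block_bits           # cipher blocks written
    exponent = -(n * (n - 1) // 2) / 2.0 ** block_bits
    return -math.expm1(exponent)               # 1 - e^x without cancellation

def bytes_for_probability(p, block_bits):
    """Data volume (bytes) at which the collision probability reaches p."""
    n = math.sqrt(2.0 * 2.0 ** block_bits * -math.log1p(-p))
    return n * block_bits / 8

def simulate(block_bits, n_blocks, trials, seed=1):
    """Empirical check on a toy block width: fraction of trials in which
    n_blocks random blocks contain at least one repeat."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        seen = set()
        for _ in range(n_blocks):
            block = rng.getrandbits(block_bits)
            if block in seen:
                hits += 1
                break
            seen.add(block)
    return hits / trials

if __name__ == "__main__":
    GiB = 2 ** 30
    print("data written   64-bit block   128-bit block")
    for size in (1 * GiB, 32 * GiB, 1024 * GiB):
        print(f"{size // GiB:>6} GiB   {collision_probability(size, 64):12.3e}"
              f"   {collision_probability(size, 128):13.3e}")
    for bits in (64, 128):
        half = bytes_for_probability(0.5, bits)
        print(f"{bits}-bit block: 50% collision chance after {half / GiB:.3g} GiB")
    # Toy 16-bit blocks so the formula can be checked by brute force.
    print("16-bit toy, 256 blocks: formula",
          round(collision_probability(256 * 2, 16), 3),
          "simulated", simulate(16, 256, 2000))
```

With a 64-bit block a repeat becomes likely after a few tens of GiB, which is well within the size of an ordinary disk; with a 128-bit block the same volumes give a negligible probability.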