[148630] in cryptography@c2.net mail archive
Re: [Cryptography] Passwords are dying - get over it
daemon@ATHENA.MIT.EDU (Bill Cox)
Mon Dec 23 10:39:56 2013
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <52B8445F.9060909@borg.org>
Date: Mon, 23 Dec 2013 10:10:07 -0500
From: Bill Cox <waywardgeek@gmail.com>
To: "cryptography@metzdowd.com List" <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============3246427298829797736==
Content-Type: multipart/alternative; boundary=089e0116167efac77304ee3505f1
--089e0116167efac77304ee3505f1
Content-Type: text/plain; charset=ISO-8859-1
I also take that approach. As Jefferson once said, when you do a thing,
imagine the whole world is watching and act accordingly.
It bothers me that I get more security from carrying a metal key to a
physical lock than I can get online. Maybe I'll put a key file on my phone
and try to be a bit more secure with my TrueCrypt password safe. I
certainly can't count on just their key stretching.
How would you recommend protecting your ssh private key? Here's a great
tutorial on adding key stretching to your ssh private key, which by default
has none:
http://martin.kleppmann.com/2013/05/24/improving-security-of-ssh-private-keys.html
The bad news: even the 0.1% of us who bother to add key stretching to our
ssh private key's only get 2048 rounds of AES-256, which wont even slow
down an ASIC based cracker. All this does is provide security against
hackers with graphics cards, and not much security at that. Frankly, this
protection is so dismal, I give up. Whoever is influencing TrueCrypt and
OpenSSL into hard-coding 2048 worthless rounds of key stretching designed
to be efficient on ASICs wins.
--089e0116167efac77304ee3505f1
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">I also take that approach. =A0As Jefferson once said, when=
you do a thing, imagine the whole world is watching and act accordingly.<d=
iv><br></div><div>It bothers me that I get more security from carrying a me=
tal key to a physical lock than I can get online. =A0Maybe I'll put a k=
ey file on my phone and try to be a bit more secure with my TrueCrypt passw=
ord safe. =A0I certainly can't count on just their key stretching.</div=
>
<div><br></div><div>How would you recommend protecting your ssh private key=
? =A0Here's a great tutorial on adding key stretching to your ssh priva=
te key, which by default has none:</div><div><br></div><div><a href=3D"http=
://martin.kleppmann.com/2013/05/24/improving-security-of-ssh-private-keys.h=
tml">http://martin.kleppmann.com/2013/05/24/improving-security-of-ssh-priva=
te-keys.html</a><br>
</div><div class=3D"gmail_extra"><br></div><div class=3D"gmail_extra">The b=
ad news: even the 0.1% of us who bother to add key stretching to our ssh pr=
ivate key's only get 2048 rounds of AES-256, which wont even slow down =
an ASIC based cracker. =A0All this does is provide security against hackers=
with graphics cards, and not much security at that. =A0Frankly, this prote=
ction is so dismal, I give up. =A0Whoever is influencing TrueCrypt and Open=
SSL into hard-coding 2048 worthless rounds of key stretching designed to be=
efficient on ASICs wins.</div>
</div>
--089e0116167efac77304ee3505f1--
--===============3246427298829797736==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============3246427298829797736==--
