Security Basics mailing list archives
Re: Good design for a Algorithmically Derived Passphrase for FDE (?!)
From: "Geoffrey Gowey" <gjgowey () gmail com>
Date: Mon, 19 Nov 2007 17:26:36 -0500
If this is for the benefit of the end user then why not use some off the wall personal information from them? I have yet to hear of anyone mentioning using things like shoe size, their height, weight, and date of hire for portions of a password. Geoff On 11/19/07, Ali, Saqib <docbook.xml () gmail com> wrote:
On Nov 17, 2007 8:51 PM, ManInWhite <maninwhite () tpg com au> wrote:It has been suggested that we use an algorithm derived passphrase based on some unique hardware number. [ HDD Serial# / Laptop Serial# ]So when the laptop is stolen, the thief will also have all these serial number, and if they get hold of their algorithm, they can re-construct passphrase for any laptop. this kind of scheme may work for equipment that doesn't leave the facility e.g. servers in datacenter. But definitely don't use this for laptops. I suspect you are trying to use BitLocker, which lack centralized key management. I would suggest you take a look at some other holistic solutions for encrypting your laptops. Saqib http://www.full-disk-encryption.net/
-- Kindest Regards, Geoff
Current thread:
- Good design for a Algorithmically Derived Passphrase for FDE (?!) ManInWhite (Nov 19)
- Re: Good design for a Algorithmically Derived Passphrase for FDE (?!) Ansgar -59cobalt- Wiechers (Nov 19)
- Re: Good design for a Algorithmically Derived Passphrase for FDE (?!) ManInWhite (Nov 19)
- RE: Good design for a Algorithmically Derived Passphrase for FDE (?!) Arbogast, Paul (Citco) (Nov 20)
- Re: Good design for a Algorithmically Derived Passphrase for FDE (?!) Ansgar -59cobalt- Wiechers (Nov 20)
- RE: Good design for a Algorithmically Derived Passphrase for FDE (?!) David Gillett (Nov 20)
- RE: Good design for a Algorithmically Derived Passphrase for FDE (?!) Pranav Lal (Nov 21)
- Re: Good design for a Algorithmically Derived Passphrase for FDE (?!) ManInWhite (Nov 19)
- Re: Good design for a Algorithmically Derived Passphrase for FDE (?!) Ansgar -59cobalt- Wiechers (Nov 19)
- Re: Good design for a Algorithmically Derived Passphrase for FDE (?!) Ali, Saqib (Nov 19)
- Re: Good design for a Algorithmically Derived Passphrase for FDE (?!) Geoffrey Gowey (Nov 19)
- Re: Good design for a Algorithmically Derived Passphrase for FDE (?!) ManInWhite (Nov 20)
- RE: Good design for a Algorithmically Derived Passphrase for FDE (?!) Eric White (Nov 20)
- Re: Good design for a Algorithmically Derived Passphrase for FDE (?!) Geoffrey Gowey (Nov 19)
- Re: Good design for a Algorithmically Derived Passphrase for FDE (?!) Muhammad Farooq-i-Azam (Nov 20)