Re: Product request - Enterprise whole disk encryption for laptops

[Valdis Kletnieks <Valdis.Kletnieks () VT EDU>]

On Sat, 15 Jul 2006 13:09:16 CDT, Roger Safian said:

> I always considered encryption an exercise in risk management.
> The risk I am trying to prevent is that the theft of a
> computer will expose the data to the casual criminal.

If you're lucky, the laptop gets stolen by somebody trying to support their
crack habit.  If you're unlucky, it's somebody trying to support their crystal
meth habit:

http://www.nytimes.com/2006/07/11/us/11meth.html?_r=1&oref=slogin

> assume that someone serious about cracking the encrypted
> files will simply resort to other, and much more effective
> methods of ascertaining the correct passphrase.  So my

There's other means, and there's other means. You can probably not worry about
rubber-hose crypto (Thanks, Marcus ;) because that requires access to the
liveware that has the key - probably not an issue with a stolen laptop.

One problem that you'll have to deal with is that if our hypothetical crystal
meth user has enough neurons left to turn the stolen laptop on to see what
value he can get from the hard drive, and he encounters crypto, that's a BIG
RED FLAG to him that he's found SOOPER SEEKRIT stuff that might be of value.  So
unless every crook and thief for 5 counties around just *knows* that "Every
laptop with a 'property of Miskatonic U' sticker on it is crypted, don't bother
trying", the presence of crypto is a sign of something important.

> question is this, just how long could I expect a passphrase,
> of at least 16 characters, composed on ONLY alpha-numeric
> characters, to withstand the attack?

http://www.eff.org/Privacy/Crypto/Crypto_misc/DESCracker/

Using a set of 100,000 PCs, distributed.net broke a DES key in some 22 hours.
That key had (presumably) 56 bits of entropy.  UPPER-lower 0-9 is a total
of 62 possibilities, call that 64 and we have a *potential* 6 bits of
entropy per character.  English text/words has about 2.2 (for short phrases,
probably closer to 3).  So 16 characters will vary from 48 bits to 96 bits
of entropy, depending how random they are. 'SleepyFuzzyABC12' probably only
has 48 or so, 'WM6PoJF7fzVWXcO5' closer to 96.

48 bits of entropy will break 2**(56-48) or 256 times faster than the
distributed.net challenge - so rent a botnet of 100K PCs for 10 minutes,
or a net of 500 bots for a day, and you have the key.

96 bits of entropy will break 2**(96-56) or 109,9511,627,776 times slower
than the DES key - or Not A Worry at current technology.  Whether your users
will let you force them to use that sort of password is another question :)

As I said, it's all about the strength of the passphrase.

Attachment: _bin
Description: