Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 5 Apr 2016 09:18:07 +0300
From: Aleksey Cherepanov <lyosha@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: ciphers in TrueCrypt and how to report cracks

I am reading about TrueCrypt:
https://en.wikipedia.org/wiki/TrueCrypt

"Individual ciphers supported by TrueCrypt are AES, Serpent, and
Twofish. Additionally, five different combinations of cascaded
algorithms are available: AES-Twofish, AES-Twofish-Serpent,
Serpent-AES, Serpent-Twofish-AES and Twofish-Serpent."

"The cryptographic hash functions available for use in TrueCrypt are
RIPEMD-160, SHA-512, and Whirlpool."

So 8 ciphers * 3 hash functions = 24 variants. It seems easy, but...

"TrueCrypt currently uses the XTS mode of operation. Prior to this,
TrueCrypt used LRW mode in versions 4.1 through 4.3a, and CBC mode in
versions 4.0 and earlier."

So there should be more variants than 24... Does someone know what
modes and for what combinations are real?


Question on possible format design: I guess that pbkdf2-hmac-{hash}
part consists the most computational time, so when we computed derived
key, we may check it with all ciphers. Does it affect performance?
Could we just do it always? If so, should we report cipher together
with password?


Thanks!

-- 
Regards,
Aleksey Cherepanov

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ