docs/98842: misc requests for gdbe
Ian Cognito
cryptonym at gmail.com
Mon Jun 12 04:10:22 UTC 2006
>Number: 98842
>Category: docs
>Synopsis: misc requests for gdbe
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-doc
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Mon Jun 12 04:10:20 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Ian Cognito
>Release: 6.0
>Organization:
>Environment:
>Description:
First, let me say gbde is fairly impressive, and my requests in no way constitute bashing it.
In the documentation, it'd be nice if we had some idea of how much entropy the passphrase should contain to prevent it from being the weakest link in the security.
The following ideas were taken from truecrypt. I haven't really thought through whether they buy us much, so take them as food for thought...
It would be nice if we could specify a file on the filesystem which could be used in conjunction with the key to provide enough entropy for said pass phrase, and especially to be able to read it from a pipe (I do not know if gdbe can do this or not). Alternately it could be used in conjunction with the standard key mechanisms to create the sector keys, and so a passphrase alone is insufficient to gain access to plaintext. Either way it's sort of a cheap way of getting a lot of entropy out of a memorable passphrase, which tends to be somewhat weak alone (1-2 bits per letter).
>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-doc
mailing list