GBDE and GELI security

Chad Perrin perrin at
Tue Dec 4 16:03:49 PST 2007

I've read reports to the effect that GBDE is vulnerable to online
dictionary attacks unless two-factor authentication is used.  The only
such report I can find now is this discussion of NetBSD's CGD, where its
author contrasts it with GBDE:

Is this still the case?  Are there any other security concerns related to
GBDE's implementation that you might mention?  How well does GELI stack
up against GBDE?

I was surprised to read that OpenBSD's svnd is vulnerable to *offline*
dictionary attacks.  Any comments on that?

CCD CopyWrite Chad Perrin [ ]
Sen. Dick Durbin, D-IL, to an RIAA executive: "Are you headed to junior
high schools to round up the usual suspects?"

More information about the freebsd-questions mailing list