rsmith at xs4all.nl
Tue Jan 18 17:15:52 UTC 2011
On Tue, Jan 18, 2011 at 08:10:40AM -0800, Chip Camden wrote:
> It seems prudent to me to reduce the attack surface to that which really
> needs to be defended -- "When you defend everything, you defend nothing".
> Not to mention avoiding the overhead of encrypting OS files.
> What do you folks think of the relative merits of AES vs Blowfish for
> disk encryption?
Neither have been broken with their complete number of rounds. Versions of
both can be broken with a reduced number of rounds. See
http://www.schneier.com/paper-blowfish-oneyear.html for some analysis of
blowfish, and e.g. http://www.schneier.com/paper-rijndael.html for several
attacks on Rijndael with reduced rounds.
It looks like both are viable choices today. Certainly good enough to protect
your data in case of hardware theft. No encryption method is secure against
lead-pipe cryptanalysis. [http://www.schlockmercenary.com/2009-10-19] :-)
But it seems like a safe bet that there will be more effort spent on breaking
[plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 196 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20110118/10038869/attachment.pgp
More information about the freebsd-questions