Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] CryptoParty Handbook

Maxim Kammerer mk at
Thu Oct 4 20:43:46 PDT 2012

On Fri, Oct 5, 2012 at 2:06 AM, Seth David Schoen <schoen at> wrote:
> NIST and others have thought about what appropriate cryptographic key lengths
> are to respond to the phenomenon of computers getting faster.  That's why
> current NIST recommendations call for using 2048-bit RSA instead of 1024-bit
> RSA -- not a quantum cryptosystem, just a stronger key length.

Recommended key lengths get larger mostly due to theoretic advances,
much less so due to computers getting faster. Cryptographic algorithms
are supposed to be resistant to brute force attacks for the
foreseeable future at the time of their design, when used with the
default key length.

> Some people see this concern as hypothetical, but it's pretty easy to
> test with loopback mounting.  I just made a 100 MB file, initialized it
> with zeroes, created an ext4 filesystem in it, and loopback mounted the
> filesystem.  Then I created several very large text files with repeating,
> easy-to-recognize contents, and then deleted the files with shred -u.
> It was still possible to find a small number of copies of the text file
> contents in the underlying storage file afterward -- probably because of
> data journaling in ext4.

Did anyone try this with devices that are supposed to be resistant to
file shredding due to wear leveling? I tried the following on two USB
keys, one ~12 years old, another ~6 years old, both formatted as

echo test_string_123 > x
for i in $(seq 20); do cat x x > x1; mv x1 x; done
cp x /media/... && sync
shred -u /media/... && sync
cp /dev/sd... image
LC_ALL=C grep -wc test_string_123 image

The result was 0 in both cases.

Maxim Kammerer
Liberté Linux:

More information about the liberationtech mailing list