@cmuratori Isn't this so you can change your password, without having to re-encrypt the entire volume?
@_AndrewRussell If it's just user convenience, then that's fine - I just want to make sure I'm not missing something numerically important.
@cmuratori I don't really understand how this does anything but introduce a second potential entropy failure point.
@cmuratori a) Actual key used for disk encryption is random and thus higher entropy. Important because disk contents include large amount...
@rygorous So specifically what I wanted to know is if there is an actual explanation of why (a) is true? (i.e., what is the attack)
@cmuratori ...of known plaintext (OS). b) Allows you to change pwd without re-encrypting whole disk.
@cmuratori c) Since key is high-entropy random number, just need to secure wipe key block to nuke disk contents, unless cipher broken.
@cmuratori That last one is a good property if you need to wipe one disk quickly (or just lots of them, e.g. when disposing of old HW).
@rygorous @cmuratori also allows sharing access without sharing secrets. Note that only a) is a crypto reason...
@cmuratori As @rygorous said. Also, this makes it possible to change the password quickly (without re-encrypting everything).
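The arrangement discussed in this thread, as an added sketch that is not part of any tweet or of any disk-encryption product's code: a random volume key stored in password-protected key slots, so a password change rewrites one small slot and two users can hold separate passwords. The slot layout and function names are assumptions, and the PBKDF2-plus-XOR wrap with an HMAC tag stands in for a real key-wrap cipher because the Python standard library has no AES.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor for this sketch


def _derive(password: str, salt: bytes) -> tuple:
    """Password -> (32-byte pad, 32-byte MAC key) via PBKDF2-HMAC-SHA256."""
    out = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS, dklen=64)
    return out[:32], out[32:]


def wrap(volume_key: bytes, password: str) -> dict:
    """Build a key slot: the 32-byte volume key encrypted under a password-derived key."""
    salt = os.urandom(16)  # fresh salt per slot, so a pad is never reused
    pad, mac_key = _derive(password, salt)
    wrapped = bytes(a ^ b for a, b in zip(volume_key, pad))  # stand-in for AES key wrap
    tag = hmac.new(mac_key, wrapped, hashlib.sha256).digest()
    return {"salt": salt, "wrapped": wrapped, "tag": tag}


def unwrap(slot: dict, password: str) -> bytes:
    """Recover the volume key from a slot, rejecting a wrong password."""
    pad, mac_key = _derive(password, slot["salt"])
    expected = hmac.new(mac_key, slot["wrapped"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, slot["tag"]):
        raise ValueError("wrong password or damaged slot")
    return bytes(a ^ b for a, b in zip(slot["wrapped"], pad))


def change_password(slot: dict, old: str, new: str) -> dict:
    """Re-wrap the same volume key; the bulk disk data is never touched."""
    return wrap(unwrap(slot, old), new)


if __name__ == "__main__":
    volume_key = os.urandom(32)  # random key that actually encrypts the disk
    # Constructed sample passwords: two slots, two users, one volume key.
    slots = {"alice": wrap(volume_key, "alice old"), "bob": wrap(volume_key, "bob pw")}
    slots["alice"] = change_password(slots["alice"], "alice old", "alice new")
    assert unwrap(slots["alice"], "alice new") == unwrap(slots["bob"], "bob pw")
    slots.clear()  # wiping every slot leaves no path back to the volume key
    print("password changed and slots wiped without rewriting disk data")
```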