mailing list archives
Re: Good design for a Algorithmically Derived Passphrase for FDE (?!)
From: ManInWhite <maninwhite () tpg com au>
Date: Tue, 20 Nov 2007 18:38:56 +1030
Hmmm interesting idea, but management stated that they did not want us
to maintain a database of passwords/passphrases for each unit, hence the
"algorithmically derived password". It is meant to as difficult as
possible for a user to change (and forget) their passphrase. If the user
loses their units password, there is a social and management structure
in retrieving it, where it can be rederived and presented.
Most of the laptops rarely ever connect to the network, so any kind of
centralised key distribution would be difficult or impossible.
Oh, I also have been given no money for commercial software for this
project, so safeboot or any other commercial software is right out.
Vista is also not an option. (Has been banned organisation wide, and so
I am not using BitLocker).
We were quoted by a few external groups for a FDE solution, and
management passed, wanting a free software solution.
I have developed a TrueCrypt/TCGina solution that encrypts all user
profile and data partitions, and forces the user to authenticate pre-
Windows authentication. Yes, this means the boot partition is not
encrypted. (The user is prevented from writing to the boot partition, so
no private data is ever stored on it).
Anyway, my point is not to look into alternative software options. The
underlying security of the TrueCrypt/TCGina solution is sound, open
source and gratis. Cant really budge from this.
What about the security of the algorithm derived passphrase?
Remember, the list of code words and 'hashing' function never touch
the laptop. They are calculated on a stand-alone workstation, and
the derived phrase is entered into the laptop.
Does anybody have any suggestions on the security of passphrases?
(dictionary size, phrase length, etc)?
Geoffrey Gowey wrote:
If this is for the benefit of the end user then why not use some off
the wall personal information from them? I have yet to hear of anyone
mentioning using things like shoe size, their height, weight, and date
of hire for portions of a password.
On 11/19/07, Ali, Saqib <docbook.xml () gmail com> wrote:
On Nov 17, 2007 8:51 PM, ManInWhite <maninwhite () tpg com au> wrote:
It has been suggested that we use an
algorithm derived passphrase based on some unique hardware number.
[ HDD Serial# / Laptop Serial# ]
So when the laptop is stolen, the thief will also have all these
serial number, and if they get hold of their algorithm, they can
re-construct passphrase for any laptop.
this kind of scheme may work for equipment that doesn't leave the
facility e.g. servers in datacenter. But definitely don't use this for
I suspect you are trying to use BitLocker, which lack centralized key
management. I would suggest you take a look at some other holistic
solutions for encrypting your laptops.