RE: Good design for a Algorithmically Derived Passphrase for FDE (?!)
From: Eric White <ewhite () ssc wisc edu>
Date: Tue, 20 Nov 2007 09:36:00 -0600
I'm confused. Why not just generate random passwords/passphrases on a
stand-alone PC, use those for the laptops and then store the passwords in a
notebook in a safe, or in an encrypted file on the stand-alone PC? What is
the benefit of creating your own algorithm derived passphrase?
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of ManInWhite
Sent: Tuesday, November 20, 2007 2:09 AM
To: Geoffrey Gowey
Cc: Ali, Saqib; security-basics () securityfocus com
Subject: Re: Good design for a Algorithmically Derived Passphrase for FDE
Hmmm interesting idea, but management stated that they did not want us to
maintain a database of passwords/passphrases for each unit, hence the
"algorithmically derived password". It is meant to be as difficult as possible
for a user to change (and forget) their passphrase. If the user loses their
unit's password, there is a social and management structure in retrieving it,
where it can be rederived and presented.
Most of the laptops rarely ever connect to the network, so any kind of
centralised key distribution would be difficult or impossible.
Oh, I also have been given no money for commercial software for this
project, so SafeBoot or any other commercial software is right out.
Vista is also not an option. (Has been banned organisation wide, and so I am
not using BitLocker).
We were quoted by a few external groups for a FDE solution, and management
passed, wanting a free software solution.
I have developed a TrueCrypt/TCGina solution that encrypts all user profile
and data partitions, and forces the user to authenticate pre-Windows
authentication. Yes, this means the boot partition is not encrypted. (The
user is prevented from writing to the boot partition, so no private data is
ever stored on it).
Anyway, my point is not to look into alternative software options. The
underlying security of the TrueCrypt/TCGina solution is sound, open source
and gratis. Can't really budge from this.
What about the security of the algorithm derived passphrase?
Remember, the list of code words and 'hashing' function never
the laptop. They are calculated on a stand-alone
the derived phrase is entered into the laptop.
Does anybody have any suggestions on the security of passphrases?
(dictionary size, phrase length, etc)?
Geoffrey Gowey wrote:
If this is for the benefit of the end user then why not use some off
the wall personal information from them? I have yet to hear of anyone
mentioning using things like shoe size, their height, weight, and date
of hire for portions of a password.
On 11/19/07, Ali, Saqib <docbook.xml () gmail com> wrote:
On Nov 17, 2007 8:51 PM, ManInWhite <maninwhite () tpg com au> wrote:
It has been suggested that we use an algorithm derived passphrase
based on some unique hardware number.
[ HDD Serial# / Laptop Serial# ]
So when the laptop is stolen, the thief will also have all these
serial numbers, and if they get hold of their algorithm, they can
reconstruct the passphrase for any laptop.
This kind of scheme may work for equipment that doesn't leave the
facility e.g. servers in datacenter. But definitely don't use this
I suspect you are trying to use BitLocker, which lacks centralized key
management. I would suggest you take a look at some other holistic
solutions for encrypting your laptops.
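
Added example, not part of the original thread or any poster's code: a sketch of a keyed derivation that addresses the two points raised above, namely that a thief holds the serial number, and how dictionary size and phrase length set the strength. It assumes a master secret kept only on the stand-alone PC, HMAC-SHA256 as the "hashing" function, and a constructed 16-word list; all names are hypothetical.

```python
import hashlib
import hmac
import math

# Constructed 16-word sample list (assumption). A real list would be far
# larger, e.g. 7776 words, which is what the entropy figures below use.
WORDS = ("amber bison cedar delta ember fjord grove heron "
         "ivory jolly koala lemon maple noble ocean piano").split()


def derive_passphrase(master_secret, serial, words=WORDS, n_words=6):
    """Map HMAC-SHA256(master_secret, serial|counter) onto word indexes."""
    if not 0 < len(words) <= 65536:
        raise ValueError("word list must hold 1..65536 entries")
    # Reject 16-bit values above the largest multiple of len(words) so every
    # word is equally likely (no modulo bias).
    limit = (65536 // len(words)) * len(words)
    chosen, counter = [], 0
    while len(chosen) < n_words:
        msg = f"{serial}|{counter}".encode()
        block = hmac.new(master_secret, msg, hashlib.sha256).digest()
        counter += 1
        for i in range(0, len(block), 2):
            value = int.from_bytes(block[i:i + 2], "big")
            if value < limit and len(chosen) < n_words:
                chosen.append(words[value % len(words)])
    return " ".join(chosen)


def passphrase_bits(dict_size, n_words):
    """Entropy of n_words chosen uniformly from dict_size words."""
    return n_words * math.log2(dict_size)


def effective_bits(dict_size, n_words, secret_bits):
    """Strength against a thief who knows the serial and the algorithm:
    the cheaper of guessing the phrase or guessing the master secret."""
    return min(passphrase_bits(dict_size, n_words), secret_bits)


if __name__ == "__main__":
    secret = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed
    print(derive_passphrase(secret, "HDD-SN-EXAMPLE-0001"))
    for n in (4, 6, 8):
        print(n, "words:", round(passphrase_bits(7776, n), 1), "bits")
```

With a master secret in the derivation, the serial number and the algorithm alone no longer reconstruct the phrase, but that secret becomes the single item to protect on the stand-alone PC.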