http://www.perlmonks.org?node_id=374432


in reply to Re^4: Opening an Encrypted DB_File database
in thread Opening an Encrypted DB_File database

Using two different ciphers and two 256-bit keys is overkill. One good symmetric cipher is the strongest part of any cryptosystem. The 256-bit key is well beyond being brute-forced. The password, and the system for making the key from the password, are the weak point. 2^256 is much larger than 10^16.
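The post's point is that the key itself is not the attack surface; the password and the password-to-key step are. The following is an added example, not code from the thread or from any of its participants, written in Python (standard library only) rather than the Perl the original DB_File code is in. It derives a 256-bit key from a password with PBKDF2-HMAC-SHA256 and puts numbers on the gap the post describes: a 16-digit password space (10^16, about 53 bits) against a 256-bit key space. The salt, iteration count and guess rates below are assumptions chosen for illustration.

```python
import hashlib
import hmac
import math
import os

# Iteration count is an assumption for this example; higher is slower for
# the attacker and the legitimate user alike, so tune it to the hardware.
DEFAULT_ITERATIONS = 600_000


def derive_key(password: bytes, salt: bytes,
               iterations: int = DEFAULT_ITERATIONS, key_len: int = 32) -> bytes:
    """Stretch a password into a key of key_len bytes (32 = 256 bits).

    The salt is stored next to the database, unencrypted; it makes a
    precomputed table useless across databases. The iteration count is what
    makes each password guess cost real CPU time.
    """
    return hashlib.pbkdf2_hmac("sha256", password, salt, iterations, dklen=key_len)


def new_salt(length: int = 16) -> bytes:
    """Fresh random salt for a newly created database."""
    return os.urandom(length)


def key_matches(candidate: bytes, expected: bytes) -> bool:
    """Constant-time comparison so a wrong key is not rejected faster or slower
    depending on how many leading bytes happen to match."""
    return hmac.compare_digest(candidate, expected)


def password_entropy_bits(alphabet_size: int, length: int) -> float:
    """Bits of entropy in a uniformly random password of the given shape.
    16 decimal digits: 16 * log2(10) ~= 53.15 bits, i.e. 10^16 guesses."""
    return length * math.log2(alphabet_size)


def expected_brute_force_seconds(keyspace_bits: float, guesses_per_second: float) -> float:
    """Expected time to find the secret by exhaustive search: half the space.
    Use floats throughout so that 256 bits does not overflow anything."""
    return (2.0 ** keyspace_bits) / 2.0 / guesses_per_second


def effective_security_bits(password_bits: float, key_bits: float) -> float:
    """An attacker searches whichever space is smaller. Deriving two 256-bit
    keys for two ciphers from the same password does not raise this number."""
    return min(password_bits, key_bits)


if __name__ == "__main__":
    # Constructed demonstration values; a real database would store the salt
    # and read the password from the user.
    salt = new_salt()
    key = derive_key(b"correct horse battery staple", salt)
    again = derive_key(b"correct horse battery staple", salt)
    print("key length bits:", len(key) * 8, "deterministic:", key_matches(key, again))

    pw_bits = password_entropy_bits(10, 16)          # 16-digit PIN-style password
    print(f"16-digit password: {pw_bits:.1f} bits")
    print(f"effective security with a 256-bit key: "
          f"{effective_security_bits(pw_bits, 256):.1f} bits")

    # Assumed guess rates: an unstretched password can be guessed at GPU speed;
    # PBKDF2 with DEFAULT_ITERATIONS divides that rate by the iteration count.
    fast = 1e10
    print("unstretched, 16 digits:",
          f"{expected_brute_force_seconds(pw_bits, fast) / 86400:.1f} days")
    print("PBKDF2-stretched, 16 digits:",
          f"{expected_brute_force_seconds(pw_bits, fast / DEFAULT_ITERATIONS) / 86400 / 365:.0f} years")
    print("256-bit key, no password at all:",
          f"{expected_brute_force_seconds(256, fast):.2e} seconds")
```

The last three lines are the whole argument of the post in numbers: the raw 256-bit key is out of reach, so the search moves to the password, and the only lever the program has there is to make each guess expensive (iterations) and to stop guesses from transferring between databases (salt).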

Re^6: Opening an Encrypted DB_File database
by crabbdean (Pilgrim) on Jul 15, 2004 at 11:47 UTC
    Yeah, a bit of overkill but looking forward I considered that a year ago 128 bit used to be considered strong, whereas, a year later it's not. Yeah, the password bit is the weak point but I'm not sure how to strengthen that. I have to consider that a user must get into the program somehow (relatively easily) but also consider that IF a hacker got in they'd then have access to ALL their passwords. It needs a good strong front door. :-) Any ideas are welcome.

    Also, how did you derive 10^16? Just curious. Thanks again.

    Dean
    The Funkster of Mirth
    Programming these days takes more than a lone avenger with a compiler. - sam
    RFC1149: A Standard for the Transmission of IP Datagrams on Avian Carriers

      128 bits is still strong and will be for the foreseeable future, excepting a sudden mathematical breakthrough. Further, the cost to brute force rises exponentially with the key size and can easily outpace Moore's Law.

      You would do well to pick up a copy of "Applied Cryptography" (or "Practical Cryptography", which is sort of the updated version, but I haven't read it myself yet). In particular, you may find the chapter on combining ciphers enlightening. You can't just put two 256-bit ciphers together and get a 512-bit cipher. IIRC, you're not worse off (security-wise) than if you had only used one cipher, but you're probably no better off, either. It's possible to combine ciphers, but it has to be done carefully.

      ----
      send money to your kernel via the boot loader.. This and more wisdom available from Markov Hardburn.