Re: goals
Posted:
Tue Jun 10, 2014 1:35 pmby WaywardGeek
Merlin wrote:compul wrote:Mac wrote:@Resonance, @Merlin, @compul
One of the difficulties with trying to support multiple password hashing functions, and these need modernising, as a direct result of the audit, even if only during a transition period, is that space for the boot loader code is limited, it simply may not be possible to make it fit and support both methods, in which case setup may have to perform checks and force a decrypt before any upgrade. I suspect backwards support can be managed if the hashing iteration is simply increased, trying two iteration counts is a trivial amount of extra code, changing the function to some other memory hard function is desirable, but where I'd expect the developers to simply be forced to introduce breakage, purely because they can't get a quart into a pint pot.
Would moving from BIOS to UEFI solve this problem? If not, I've been looking for a reason to push my tiny SkinnyCat memory-hard password hashing scheme
It's quite a bit simpler than Script, but unfortunately, it has no real-world testing or cryptanalysis. So... maybe not.
Re: goals
Posted:
Tue Jun 10, 2014 2:20 pmby Merlin
WaywardGeek wrote:Would moving from BIOS to UEFI solve this problem? If not, I've been looking for a reason to push my tiny SkinnyCat memory-hard password hashing scheme
It's quite a bit simpler than Script, but unfortunately, it has no real-world testing or cryptanalysis. So... maybe not.
I don't know what constraints it introduces or removes to be frank, but BIOS boot support is something I think we're stuck with for the longish-medium term, even if UEFI is supported too, lots and LOTS of hardware out there simply doesn't support UEFI, and it'll be years before enough is retired for that to not be significant.
Microsoft are still supporting BIOS/MBR boot setups in Win8.1 to allow installs on such hardware.
Re: goals
Posted:
Fri Jun 13, 2014 6:53 amby Tronic
I want to suggest light versions of the fork for mobile OS's (Android and IOS), which would expand use to phones and tablets. By "light" I mean meat-and-potatoes encryption and decription, w/o full disk encryption, boot loaders, etc. It's extra work, yes, but it would be a long term goal that would put encryption in the hands of many more users. Global PC sales have gone down 6.9% in 2013, while global tablet sales went up 50.6% and global smartphone sales 44%, and those trends will just keep growing in the following years.