Cautionary question.

Win7 SP1

I have Bitlocker and TrueCrypt and I want to
doubly encrypt my drive. Would there be any
conflict here. Which should I do first?
Peter

Peter Jason wrote:
Win7 SP1

I have Bitlocker and TrueCrypt and I want to
doubly encrypt my drive. Would there be any
conflict here. Which should I do first?
Peter

You want a cryptography group, not a Windows group.
A cryptanalyst would know the answer.

*******

Applying two encryptions in sequence, is only
slightly better than just one.

http://en.wikipedia.org/wiki/Meet-in-the-middle_attack

And TrueCrypt already has options internally
to apply two of them.

http://en.wikipedia.org/wiki/Truecrypt

"Additionally, five different combinations
of cascaded algorithms are available"

You are probably more vulnerable to a non-cryptographic
attack. As described in the second article. I would
expect a number of these methods are vulnerable in
the same way. Compare the known attack methods
listed in the TruecCrypt and BitLocker articles,
to see if they can be attacked in the same way.

http://news.bbc.co.uk/2/hi/technology/3804895.stm

"As the former chief scientist of the NSA once
remarked at one of our security workshops, almost
all breaks of cipher systems are due to implementation
errors, operational failures, burglary, blackmail
and bribery."

BitLocker was written at Microsoft. The janitor there
who cleans the offices at the end of the day, works
for the NSA. (This is a joking reference to an individual
at my work, who appeared to be interested in collecting
intelligence while vacuuming. Think of it as double-vacuuming.
He was immediately removed from the site.)

HTH,
Paul

On 5/28/2014 12:13 AM, Paul wrote [in part]:
Peter Jason wrote:
Win7 SP1

I have Bitlocker and TrueCrypt and I want to
doubly encrypt my drive. Would there be any
conflict here. Which should I do first?
Peter

You want a cryptography group, not a Windows group.
A cryptanalyst would know the answer.

[snipped]

Try either alt.security.pgp or comp.security.pgp.discuss.

--
David E. Ross

The Crimea is Putin's Sudetenland.
The Ukraine will be Putin's Czechoslovakia.
See http://www.rossde.com/editorials/edtl_PutinUkraine.html.

On Wed, 28 May 2014 07:17:24 -0700, David E. Ross wrote:

On 5/28/2014 12:13 AM, Paul wrote [in part]:
Peter Jason wrote:
Win7 SP1

I have Bitlocker and TrueCrypt and I want to doubly encrypt my drive.
Would there be any conflict here. Which should I do first? Peter

You want a cryptography group, not a Windows group.
A cryptanalyst would know the answer.

[snipped]

Try either alt.security.pgp or comp.security.pgp.discuss.

You sound a bit paranoid, but your best bet is to use a long safe
password. Your next problem is remembering it.

On Wed, 28 May 2014 17:09:07 +0000 (UTC), Dave
wrote:

On Wed, 28 May 2014 07:17:24 -0700, David E. Ross wrote:

On 5/28/2014 12:13 AM, Paul wrote [in part]:
Peter Jason wrote:
Win7 SP1

I have Bitlocker and TrueCrypt and I want to doubly encrypt my drive.
Would there be any conflict here. Which should I do first? Peter

You want a cryptography group, not a Windows group.
A cryptanalyst would know the answer.

[snipped]

Try either alt.security.pgp or comp.security.pgp.discuss.

You sound a bit paranoid, but your best bet is to use a long safe
password. Your next problem is remembering it.

I've posted this before but maybe it's worth re-posting...I use an old
song book and pick a favorite song, then use the page number, song
number and first letters of a familiar verse in that song. This is
easy to remember and would be very hard for a hacker to figure out.

Gordon

On Wed, 28 May 2014 13:02:58 -0500, Gordon wrote:

On Wed, 28 May 2014 17:09:07 +0000 (UTC), Dave
wrote:

On Wed, 28 May 2014 07:17:24 -0700, David E. Ross wrote:

On 5/28/2014 12:13 AM, Paul wrote [in part]:
Peter Jason wrote:
Win7 SP1

I have Bitlocker and TrueCrypt and I want to doubly encrypt my drive.
Would there be any conflict here. Which should I do first? Peter

You want a cryptography group, not a Windows group.
A cryptanalyst would know the answer.

[snipped]

Try either alt.security.pgp or comp.security.pgp.discuss.

You sound a bit paranoid, but your best bet is to use a long safe
password. Your next problem is remembering it.

I've posted this before but maybe it's worth re-posting...I use an old
song book and pick a favorite song, then use the page number, song
number and first letters of a familiar verse in that song. This is
easy to remember and would be very hard for a hacker to figure out.

I don't want to have to remember which song I picked, so I just use double
ROT-13. That's easy enough to remember.

--

Char Jackson

On 5/28/2014 11:02 AM, Gordon wrote:
On Wed, 28 May 2014 17:09:07 +0000 (UTC), Dave
wrote:

On Wed, 28 May 2014 07:17:24 -0700, David E. Ross wrote:

On 5/28/2014 12:13 AM, Paul wrote [in part]:
Peter Jason wrote:
Win7 SP1

I have Bitlocker and TrueCrypt and I want to doubly encrypt my drive.
Would there be any conflict here. Which should I do first? Peter

You want a cryptography group, not a Windows group.
A cryptanalyst would know the answer.

[snipped]

Try either alt.security.pgp or comp.security.pgp.discuss.

You sound a bit paranoid, but your best bet is to use a long safe
password. Your next problem is remembering it.

I've posted this before but maybe it's worth re-posting...I use an old
song book and pick a favorite song, then use the page number, song
number and first letters of a familiar verse in that song. This is
easy to remember and would be very hard for a hacker to figure out.

Gordon


I go to the Web site of a PGP keyserver, view a public key, and copy a
fragment. It has upper-case, lower-case, and digits. I save the result
in a text file that encrypt with my own PGP key. My PGP pass-phrase is
recorded only in my brain and in a envelope in my safe deposit box at a
bank.

SeaMonkey is my browser of choice. I use its Password Manager to save
Web site passwords. The Password Manager encrypts its database using a
pass-phrase that is different from my PGP pass-phrase.

Key servers can be found at:
http://kerckhoffs.surfnet.nl/
http://keyserver.stack.nl/
http://www.stinkfoot.org:11371/
Input to any of these is the E-mail address of someone who has a PGP key
on the server. For creating a password, even expired or revoked PGP
keys are okay because what you want is an arbitrary string of characters
not an entire functional key.

--
David E. Ross

The Crimea is Putin's Sudetenland.
The Ukraine will be Putin's Czechoslovakia.
See http://www.rossde.com/editorials/edtl_PutinUkraine.html.

On Thu, 29 May 2014 17:02:23 -0500, Char Jackson wrote:

I've posted this before but maybe it's worth re-posting...I use an old
song book and pick a favorite song, then use the page number, song
number and first letters of a familiar verse in that song. This is
easy to remember and would be very hard for a hacker to figure out.

I don't want to have to remember which song I picked, so I just use double
ROT-13. That's easy enough to remember.

There was a newscast the other day describing a person who had made a
180 degree turn around in his life after getting out of prison.

I've never been in prison, but I was reminded of a time in my life when
I did twice as well that person. I made a 360-degree turn around, and
life has been great since.

--
Gene E. Bloch (Stumbling Bloch)

On Thu, 29 May 2014 17:26:26 -0700, "Gene E. Bloch"
wrote:

On Thu, 29 May 2014 17:02:23 -0500, Char Jackson wrote:

I've posted this before but maybe it's worth re-posting...I use an old
song book and pick a favorite song, then use the page number, song
number and first letters of a familiar verse in that song. This is
easy to remember and would be very hard for a hacker to figure out.

I don't want to have to remember which song I picked, so I just use double
ROT-13. That's easy enough to remember.

There was a newscast the other day describing a person who had made a
180 degree turn around in his life after getting out of prison.

I've never been in prison, but I was reminded of a time in my life when
I did twice as well that person. I made a 360-degree turn around, and
life has been great since.

Did you end up with a fresh perspective or was it more of a deju vu moment
when you completed the 360?

--

Char Jackson

On Fri, 30 May 2014 16:18:51 -0500, Char Jackson wrote:

On Thu, 29 May 2014 17:26:26 -0700, "Gene E. Bloch"
wrote:

On Thu, 29 May 2014 17:02:23 -0500, Char Jackson wrote:

I've posted this before but maybe it's worth re-posting...I use an old
song book and pick a favorite song, then use the page number, song
number and first letters of a familiar verse in that song. This is
easy to remember and would be very hard for a hacker to figure out.

I don't want to have to remember which song I picked, so I just use double
ROT-13. That's easy enough to remember.

There was a newscast the other day describing a person who had made a
180 degree turn around in his life after getting out of prison.

I've never been in prison, but I was reminded of a time in my life when
I did twice as well that person. I made a 360-degree turn around, and
life has been great since.

Did you end up with a fresh perspective or was it more of a deju vu moment
when you completed the 360?

Totally a fresh perspective!

Thanks, your remark cracked me up...

It just popped into my mind from the dim recesses of memory that my
first computer program dealt with Riemann surfaces, and the fun thing
about them was that a 2 pi turn *did* give a fresh perspective. It
required great care in programming...

--
Gene E. Bloch (Stumbling Bloch)

On Fri, 30 May 2014 17:27:22 -0700, "Gene E. Bloch"
wrote:

On Fri, 30 May 2014 16:18:51 -0500, Char Jackson wrote:

On Thu, 29 May 2014 17:26:26 -0700, "Gene E. Bloch"
wrote:

On Thu, 29 May 2014 17:02:23 -0500, Char Jackson wrote:

I've posted this before but maybe it's worth re-posting...I use an old
song book and pick a favorite song, then use the page number, song
number and first letters of a familiar verse in that song. This is
easy to remember and would be very hard for a hacker to figure out.

I don't want to have to remember which song I picked, so I just use double
ROT-13. That's easy enough to remember.

There was a newscast the other day describing a person who had made a
180 degree turn around in his life after getting out of prison.

I've never been in prison, but I was reminded of a time in my life when
I did twice as well that person. I made a 360-degree turn around, and
life has been great since.

Did you end up with a fresh perspective or was it more of a deju vu moment
when you completed the 360?

Totally a fresh perspective!

Thanks, your remark cracked me up...

It just popped into my mind from the dim recesses of memory that my
first computer program dealt with Riemann surfaces, and the fun thing
about them was that a 2 pi turn *did* give a fresh perspective. It
required great care in programming...

Riemann surfaces and 2 pi turns? We have lived different lives. :-)

--

Char Jackson

On Thu, 29 May 2014 17:26:26 -0700, "Gene E. Bloch"
wrote:

On Thu, 29 May 2014 17:02:23 -0500, Char Jackson wrote:

I've posted this before but maybe it's worth re-posting...I use an old
song book and pick a favorite song, then use the page number, song
number and first letters of a familiar verse in that song. This is
easy to remember and would be very hard for a hacker to figure out.

I don't want to have to remember which song I picked, so I just use double
ROT-13. That's easy enough to remember.

There was a newscast the other day describing a person who had made a
180 degree turn around in his life after getting out of prison.

I've never been in prison, but I was reminded of a time in my life when
I did twice as well that person. I made a 360-degree turn around, and
life has been great since.

And, there was that ram that was chasing a ewe when he fell over the
edge of a cliff. He didn't see the U-turn.