Silk Road forums

Discussion => Security => Topic started by: Virmo on December 19, 2012, 09:56 pm

Title: Truecrypt: which type is good enough /the best?
Post by: Virmo on December 19, 2012, 09:56 pm

It must not be impossible to remember too many letters/words, but it must be impossible to hack.

Simple aes enough?

Title: Re: Truecrypt: which type is good enough /the best?
Post by: Nightcrawler on December 19, 2012, 11:21 pm

Quote from: Virmo on December 19, 2012, 09:56 pm

It must not be impossible to remember too many letters/words, but it must be impossible to hack.

Simple aes enough?

The problem with using a single cipher algorithm, even one as good as AES, is that you are putting all your eggs in one basket.

Truecrypt provides two excellent alternatives: Serpent-Twofish-AES or AES-Twofish-Serpent.

The idea here is that 3 separate cipher algorithms are used to encrypt your data. In order for them to be cracked, ALL the ciphers will need to be broken.  The drawback is that this yields the slowest perfomance -- however, that's the price you pay for security.

Regardless of which cipher you eventually choose to go with, the primary protection will be afforded by your passphrase. I recommend Diceware. An 8-10 word Diceware passphrase should be secure for the foreseeable future.

See: http://www.diceware.com/

NC

Title: Re: Truecrypt: which type is good enough /the best?
Post by: CoolGrey on December 19, 2012, 11:24 pm

Plain AES is adequate. Anything more fancy is optional. Make sure you choose a password consisting of 8 to 10 words OR 15+ random characters (including upper and lower case, numbers and special characters on your keyboard).