|
Title: Your opinion on cascaded algorithms Post by: cellard on March 15, 2018, 03:32:31 PM I have been looking at different encryption schemes. For example, Veracrypt has different combinations, namely, AES256 only, AES256(Serpent), AES256(Serpent(Twofish)) and other combos.
https://cdn.pcsteps.com/wp-content/uploads/2016/01/File-Encryption-Disk-Encryption-with-VeraCrypt-08.png Is this worth your time, or AES256 is enough? A part of me is too paranoid to use only AES256, since it's a NIST algo, and who knows. In theory, if AES256 gets cracked, you still would have to crack Serpent + Twofish. What's your opinion on adding this kind of encryption on Core's wallet.dat? Title: Re: Your opinion on cascaded algorithms Post by: HeRetiK on March 15, 2018, 04:26:16 PM Unless performance is of concern (eg. encryption / decryption taking too long or eating up too much CPU) I don't see any harm done. Whether it's really necessary or improves security all that much is a different question of course, but I guess rather safe than sorry? Keep in mind though that other attack vectors may still exist, eg. whenever your wallet.dat file is accessed and unencrypted.
Title: Re: Your opinion on cascaded algorithms Post by: hatshepsut93 on March 15, 2018, 06:37:28 PM Some very paranoid people do it "just in case", and it's okay to do it as long as you are sure that you are implementing everything 100% correctly, but in reality all crypto systems are getting cracked because of mistakes in their implementations (reusing keys and parameters, weak randomness, etc.). I think people who are worried about security should spend more time on thinking about other potential dangers like armed intruders, kidnapping, malware, housefire, natural hazards and so on, since those things are way more likely to happen than your correctly implemented cryptography getting broken.
Title: Re: Your opinion on cascaded algorithms Post by: DannyHamilton on March 15, 2018, 06:58:38 PM Title: Re: Your opinion on cascaded algorithms Post by: cellard on March 15, 2018, 07:51:52 PM Yeah, which is why they should add plausible deniability too to in case some fucktard is menacing you with a $5 wrench in real life, also the contents of your wallet should be hidden when you open Bitcoin Core... I never understood why it shows everything... it should be hidden unless you enter a password, and you could have multiple passwords opening different wallets within the same file. Anyway, still, in any case, there could be scenarios in which due unlucky circumstances AES256 would be cracked/backdoored, and I don't see how having multiple layers of encryption would hurt. Title: Re: Your opinion on cascaded algorithms Post by: aliashraf on March 15, 2018, 09:03:47 PM Not necessary, imo, just increasing the complexity of the code while, as guys have mentioned above correctly, other attack vectors exist and are far more practical and real than an imaginary one like a super computer being hired for months to break AES256 for the sole purpose of stealing few btcs.
I think using a strong enough password will block such an attack and in contrast, leaking information about one's crypto holdings or keeping dat files (and worse, playing with them) on a computer exposed to the internet can incentivize criminal activities from soft crack/hack attempts to hard ones like kidnapping and threatening. |
