File Security Question

[c789]

Let's say I have several wallet.dat files in a 2MB TrueCrypt vault. I'm somewhat sketchy on TrueCrypt's security, so if I encrypted the TrueCrypt file itself with:

Code:

gpg -c --cipher-algo AES256 trueCryptFile.file

...does that pretty much guarantee that my wallets can't be cracked?

• The wallet.dat files have a 20+ character password.
• The TrueCrypt vault has a different 20+ character password.
• The gpg passphrase has a different 20+ character password.

My intentions are to upload the the gpg-encrypted TrueCrypt vault to several different servers over sftp. There is some risk of someone getting the encrypted file, one of which is because the servers are VPSs.

Please, let's not get into whether or not TrueCrypt is safe. All I know is that questions were raised but nobody has definitively proven it to be unsafe. I just want to know how hard it would be for someone to crack my wallet files given these 3 levels of encryption.

[Lauda]

The story with TrueCrypt is a bit of a mystery. It was allegedely safe and even recommended by Snowden until a certain point in time.
Read this and this.

AFAIK GPG encryption is very strong and it's usually the password that is the weakest link. Someone recommend using this:

Code:

gpg -c --force-mdc --s2k-mode 3 --s2k-count 65011712 personal.zip

Source

So it really depends on your password. It's not really about the length but the quality; Something like this: mypasswordis123andisveryweak (28 characters); is always going to be weaker than: i=4Ma(r*2sAm!@Hf2z4 (19).
You should also read this .

[c789]

Good tips - thanks, LaudaM.