Question re: TrueCrypt

[Reginald Peebottom]

I have started to use truecrypt in earnest over the past few weeks, but I have noticed that it *appears* to eat massive amounts of CPU cycles.

I have it currently setup on 2 different hard drives - 1 80Gig deskstar (7.2k 8mb cache I believe), and 1 160Gig (same) running on a p4 2.8 with 1gig of DDR. On both these drives I am running apps that have moderate volume access. My cpu usage runs continually at nearly 100% bringing things to a crawl too often.

Blowfish benched the fastest, by a wide margin, on my system so I use that on both drives.

I guess my question is this - is that "normal" to see that level of performance hit on my setup? If "yes" what reasonable PC setup ought I to be looking for? A 3500+ a64 or dual core? Or is this a situation where I do not have enough RAM to do what I am doing?

Thanks in advance for any tips.

I personally use truecrypt on my system WD 160 gb 8mb cach - 1024 mb ram

i had 1 container 20gb and it mysteriously used to lag my cpu bad when i would click certain folders but i never figured out why - but when i remade a new one and copyied my data in everything was fine. Maybe it was a container i made with 4.0 perhaps ?? but i personally would stay away from blowfish. I pay a lot of attention to security and encryption algorithms, and as such i have come to Two choices only . .

Serpent : Being the most secure algorithm by the AES board own admission, but is not as fast as other algorithms which is why it took a backseat. they stated Serpent has a higher security margin and would be considered more secure at the cost of cpu cycles.

Twofish : Being the second to serpent because of its better speed and very secure nature i personally use this. I get high security with speed, Only serpent can beat twofish.


** AES IS FLAWED ** several peoples encrypted data has been cracked using AES (by official agencies) and its been mentioned about how there are vulnrabilities with AES 128 and possibly AES 256 and to be honest i dont trust anything thats security and classed as the "standard in the field" i would rather use a little more power of my cpu and get a higher class security and make the pesky people who try and crack data they find have a very very very very bad day . .

I use a 56 Character password on my container files with a picture for a keyfile and my pass has UPPER lower and numbers - i would class my security as very good as far as encryption goes. The only think i am missing is a good FDE, but most of them use AES which i refuse to use. I would take blowfish over AES anyday and i hate both of them with a passion.

[TNT]

Quote:

Originally Posted by TECHWG

** AES IS FLAWED ** several peoples encrypted data has been cracked using AES (by official agencies) and its been mentioned about how there are vulnrabilities with AES 128 and possibly AES 256

Source?

[securityx]

Quote:

Originally Posted by TECHWG

** AES IS FLAWED ** several peoples encrypted data has been cracked using AES (by official agencies) and its been mentioned about how there are vulnrabilities with AES 128 and possibly AES 256

Not true. Is there a possible algebraic attack against Rijndael (the AES)?....yes. Is it even CLOSE to being practical to actually have data "cracked" (as you put it)? -- absolutely not.


AES is safe.

[lotuseclat79]

Hi TECHWG,

If you are uncertain about AES, checkout Whirlpool, named after M51 galaxy:
* Stronger encryption functions than MD5 (128bit)
Whirpool(512bit): http://en.wikipedia.org/wiki/WHIRLPOOL
Reference implementations (C,Java) available in documentation package at:
http://paginas.terra.com.br/informat...lpoolPage.html

-- Tom

Quote:

Originally Posted by lotuseclat79

Hi TECHWG,

If you are uncertain about AES, checkout Whirlpool, named after M51 galaxy:
* Stronger encryption functions than MD5 (128bit)
Whirpool(512bit): http://en.wikipedia.org/wiki/WHIRLPOOL
Reference implementations (C,Java) available in documentation package at:
http://paginas.terra.com.br/informat...lpoolPage.html

-- Tom

HUH? Whirlpool is a cryto hash, it is comparable to SHA, MD5 etc.

AES is completely different it's a cypher. The best Alternatives to AES(Rijndael) as mentioned are probably the other AES finalisits , particularly, serpent and twofish

[lotuseclat79]

Quote:

Originally Posted by cluelessnewbie

HUH? Whirlpool is a cryto hash, it is comparable to SHA, MD5 etc.
AES is completely different it's a cypher. The best Alternatives to AES(Rijndael) as mentioned are probably the other AES finalisits , particularly, serpent and twofish

Hi cluelessnewbie,

Whirlpool is a crypto hash, but not as weak as SHA-1 or MD5 both of which have known flaws.

There are several methods to use a block cipher to build a cryptographic hash function. The methods resembles the block cipher modes of operation usually used for encryption.

However, hash functions can be used to build other cryptographic primitives:
Just as block ciphers can be used to build hash functions, hash functions can be used to build block ciphers. Examples of such block ciphers are SHACAL, BEAR and LION.

Rijndael and AES are not the same:
Strictly speaking, AES is not precisely Rijndael (although in practice they are used interchangeably) as Rijndael supports a larger range of block and key sizes; AES has a fixed block size of 128 bits and a key size of 128, 192 or 256 bits, whereas Rijndael can be specified with key and block sizes in any multiple of 32 bits, with a minimum of 128 bits and a maximum of 256 bits.

-- Tom