why does truecrypt only allow ASCII in passwords

Discussion in 'privacy technology' started by holodnaja, Aug 15, 2011.

Thread Status:
Not open for further replies.
  1. holodnaja

    holodnaja Registered Member

    Joined:
    Aug 15, 2011
    Posts:
    3
    I've been looking for an answer to that all over the web and found none.
    Only thing I found:

    TrueCrypt Volume passwords must consist only of printable ASCII characters. Non-ASCII characters in passwords are not supported and may cause various problems (e.g., inability to mount a volume).

    Now I would like to know what other problems it can cause as they state VARIOUS problems.
     
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    Designed that way? Not sure if anybody bothered to put non ascii chars against advice and document all that can go wrong. I guess it will break/not function as they said it will.
     
  3. holodnaja

    holodnaja Registered Member

    Joined:
    Aug 15, 2011
    Posts:
    3
    my questions IS why is it designed that way?
     
  4. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    because it is easier not to worry about non ascii chars that can break things if not implemented/programmed well. and i doubt there is a need to support it
     
  5. holodnaja

    holodnaja Registered Member

    Joined:
    Aug 15, 2011
    Posts:
    3
    Not including all 108k unicode characters lowers the possible number of combinations around 423 times. I would say that is quite a trade-off..
     
  6. x942

    x942 Guest

    Theoretically yes. However using those Unicode characters posses it's own set of issues. For example using a Unicode character wrong would essentially break the entire system. Either by preventing access or ignoring those characters and in effect making your password weaker.

    Considering a 22 character ASCII password has the same (approximately) permutations as a 128 bit symmetric key and a ~30 character ASCII password has the same as a 256 bit symmetric key, I don't understand the need for this. If you are so paranoid I suggest using a 64 character ASCII password with maximum entropy and at least one character from each of the 95 character sets. Such a password has more possible permutations than a 256 bit symmetric key.

    also check out https://www.grc.com/haystack.htm
     
Thread Status:
Not open for further replies.