Branko Čibej wrote on Tue, Mar 27, 2012 at 03:05:12 +0200:
> On 26.03.2012 17:45, Greg Hudson wrote:
> > On 03/26/2012 09:00 AM, C. Michael Pilato wrote:
> >> The on-disk cache will contain everything it does today where
> >> plaintext caching is enabled, save that the password won't be
> >> plaintext, and there will be a bit of known encrypted text (for
> >> passphrase validation).
> > Is it important to be able to locally validate the passphrase? That
> > property intrinsically enables offline dictionary attacks.
>
> I was going to say the same. When I read "known encrypted text" my hair
> stood on end. :)
>
> You don't need passphrase validation. If the passphase is wrong, then
> the recovered password will be wrong, too. It is bad practice to tell
> people that they used the wrong passphrase, and it's even better if you
> don't even know that it's wrong.
>
Though it'll probably be possible to tell that the recovered thing isn't
a password --- for example, if it contains a NUL character, then it
isn't a password.
> -- Brane
>
Received on 2012-03-27 06:47:15 CEST