Comment by Hakkin

Comment by Hakkin a day ago

8 replies

If a disk is encrypted, you don't have to worry about the contents if you eventually have to RMA or dispose of the disk. For this use case, it makes no difference how the encryption key is input.

tommiegannert a day ago

I'd guess the most common scenario is for someone giving away the entire computer, not fiddle with components. Or theft of the full machine.

This feels like one of those half-security measures that makes it feel like you're safe, but it's mostly marketing, making you believe *this* device can be both safe and easy to use.

  • lukeschlather 5 hours ago

    It's pretty fast to destroy all the keys in a TPM. Should take a minute if you know the right place to go. Meanwhile securely deleting a normal drive requires overwriting every sector with random data, which could take hours. So it also helps if you're giving away the whole machine.

megous a day ago

Encrypted data are noise now, maybe, but may be decryptable in the future with advances in computing.

So all this depends on what you worry about.

  • HPsquared 19 hours ago

    Most of this concern is around certain public key cryptography algorithms which depend on math problems being extremely hard to solve but could in theory be mathematically solved (decrypted without the key) with a good enough quantum computer.

    Disk encryption (AES etc) is symmetric and still only brute-force would work which can be made infeasible with a long enough key.

    • Avamander 17 hours ago

      Brute-forcing symmetric encryption is a somewhat silly concept anyways, because each decryption is equally valid.

      • cesarb 13 hours ago

        > Brute-forcing symmetric encryption is a somewhat silly concept anyways, because each decryption is equally valid.

        Each decryption is equally valid as long as the key has the same size as the data. What happens, in practice, is that the key is much smaller than the data. Take a look at your filesystem, it should have hundreds or thousands of bytes of fixed information (known plaintext), or an equivalent amount of verifiable information (the filesystem structure has to make sense, and the checksums must match). That is: for a large enough filesystem (where "large enough" is probably on the order of a small floppy disk), decrypting with the wrong key will result in unrecoverable garbage which does not make sense as a filesystem.

        To give an illustration: suppose all filesystems have to start with the four bytes "ABCD", and the key has 256 bits (a very common key size). If you choose a key randomly to decrypt a given cyphertext, there's only one chance in 2^32 that the decryption starts with ABCD, and if it doesn't, you know it's the wrong key. Now suppose the next four bytes have to be "EFGH", that means only one in 2^64 keys can decrypt to something which appears to be valid. It's easy to see that, once you add enough fixed bytes (or even bits), only one key, the correct one, will decrypt to something which appears to be valid.

      • tibordp 17 hours ago

        That's only true for information theoretically secure algorithms like one-time pad. It's not true for algorithms that are more practical to use like AES.

  • [removed] 19 hours ago
    [deleted]