Doesn't that just give the attacker more targets to hit? I know that under norma... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		__MatrixMan__ on April 18, 2023 \| parent \| context \| favorite \| on: PSA: Upgrade your LUKS key derivation function Doesn't that just give the attacker more targets to hit? I know that under normal circumstances you can just write off the wildly improbable case of a hash collision, but when you're up against an army of GPU's I'm not sure I'd want to risk the possibility that `aaa` (or some other brute force candidate) collides with whatever urandom spit out that day.

sowbug on April 18, 2023 | [–]

Each of those red-herring passphrases is 384 bits. Enough said.

ryan-c on April 19, 2023 | [–]

Even under abnormal circumstances, it can be written off. You're more likely to win several lottery jackpots in a row than to be bitten by that.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact