0

I'm looking at setting up an encrypted container with TrueCrypt (surprise) but I'm not sure whether I should use multiple files or if a large file would make any difference.

Does the file size or number of files matter beyond the fact that you would for example need a larger file or have access to all the key files?

Jane Panda
  • 101
  • 2

1 Answers1

1

According to the Truecrypt documentation, only the first 1MB of contents in the keyfile is actually examined. So anything beyond that is totally superfluous.

But more interestingly, keyfiles are simply hashed (along with other keyfiles and any password) to produce the real key. As such, the real key length is limited -- as of course it would have to be.

The length of the hash output depends on the hashing algorithm, but the important point is that no matter how much entropy you put into the hash, the amount you get out is capped at the hash size. The result is far larger than could possibly ever by brute-force cracked, so that's not a concern. But if you're using truly random keyfiles, then just a few bytes (say 64 characters) is typically enough to hit that entropy cap. Anything beyond that is just further permutation of the same bits.

Again, you choose the hash type, and SHA-256 and SHA-512 are common candidates. As for how easy it is to brute-force crack a 256-bit key; it's impossible beyond the laws of physics.

tylerl
  • 82,665
  • 26
  • 149
  • 230
  • @tylerl '... the real key length is limited ...' depending on the longest bits among the keyfiles and password? I assume a password will be shorter than keyfile contents. – moey Apr 03 '14 at 06:38
  • @moey no - the real key is based on the hash of the file, not the file itself. The key is always the same size, no matter what size of file is used. – tylerl Apr 03 '14 at 16:24