Closed hakavlad closed 1 year ago
Dude, that's exactly the whole purpose of the "deniability" setting. 🤦🏻♂️🤦🏻♂️🤦🏻♂️🤦🏻♂️
that's exactly the whole purpose of the "deniability" setting
No.
that's exactly the whole purpose of the "deniability" setting
No.
It is. 🤦🏻♂️🤦🏻♂️🤦🏻♂️ Because without this, it would NOT be deniable. 🤦🏻♂️
Decryption never needs confirm password. The point of confirm password is to make sure that you don't make a typo when encrypting and then be left with an undecryptable volume. When decrypting, if you make a typo, you can just try again. Whether the volume is deniable or not doesn't make a difference here.
On Sat, Jun 3, 2023, 8:58 a.m. BigPanda97 @.***> wrote:
that's exactly the whole purpose of the "deniability" setting
No.
It is. 🤦🏻♂️🤦🏻♂️🤦🏻♂️ Because without this, it would NOT be deniable. 🤦🏻♂️
— Reply to this email directly, view it on GitHub https://github.com/HACKERALERT/Picocrypt/issues/163#issuecomment-1574930628, or unsubscribe https://github.com/notifications/unsubscribe-auth/ALUMDTFYYL6VUAEUOF5J2YLXJMYHBANCNFSM6AAAAAAYZHPXPI . You are receiving this because you are subscribed to this thread.Message ID: @.***>
And yes, BigPanda is correct in that the removing deniability component of the decryption process for deniable volumes is unavoidable. Whether your password is right or wrong must be checked after the deniability is removed since the deniability protection is just another layer of encryption and under that later is the actual volume where the encryption key hash is stored. This could be avoided by making some changes to the deniable volume format (storing the encryption key hash in it as well), but I don't think it's necessary since you shouldn't need to try more than three times assuming you know the password.
On Sat, Jun 3, 2023, 8:58 a.m. BigPanda97 @.***> wrote:
that's exactly the whole purpose of the "deniability" setting
No.
It is. 🤦🏻♂️🤦🏻♂️🤦🏻♂️ Because without this, it would NOT be deniable. 🤦🏻♂️
— Reply to this email directly, view it on GitHub https://github.com/HACKERALERT/Picocrypt/issues/163#issuecomment-1574930628, or unsubscribe https://github.com/notifications/unsubscribe-auth/ALUMDTFYYL6VUAEUOF5J2YLXJMYHBANCNFSM6AAAAAAYZHPXPI . You are receiving this because you are subscribed to this thread.Message ID: @.***>
if you make a typo, you can just try again
That's a sufficient explanation, thank you.
"Confirm password" is not requested (I can't check if the password entered is correct when decrypting). If I made a typo when entering the password, I will have to wait until the end of the decryption.