LUKS Cryptography Support

LUKS Cryptography Support

[Michael Gorven]

[-- Attachment #1: Type: text/plain, Size: 1076 bytes --]

Hi

I am currently adding support for LUKS encrypted partitions to GRUB2. Although 
I'm far from finished, there are a few issues I'd like to address.

1. I am using the crypto patch submitted by Simon Peter[1][2]. Are there any 
plans to integrate this patch, or should I resubmit it as part of my patch?

2. If I am to submit Simon's patch, what remaining issues are there with it? 
If there is a problem with the license of the ciphers I can replace them with 
suitable implementations.

3. What licenses are suitable for integration with GRUB? Most of the ciphers I 
need are available in libgcrypt[3], which is copyrighted by the FSF and under 
LGPL 2.1. I am currently using some other code which is under GPL 2 
however -- what is the situation with that?

Regards
Michael

[1] http://lists.gnu.org/archive/html/grub-devel/2007-09/msg00002.html
[2] http://lists.gnu.org/archive/html/grub-devel/2007-11/msg00113.html
[3] http://directory.fsf.org/project/libgcrypt/

-- 
http://michael.gorven.za.net
PGP Key ID 6612FE85
S/MIME Key ID D33AEB31

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

Re: LUKS Cryptography Support

[Michael Gorven]

[-- Attachment #1.1: Type: text/plain, Size: 561 bytes --]

Here is an initial version of my LUKS patch. I still need to clean some things 
up, but I'd like to get some feedback regarding the design of the patch and 
things like coding style. I currently have the following ciphers, hashes and 
cipher modes implemented:

Ciphers: AES, CAST5, Serpent, Twofish
Hashes: MD5, SHA1, SHA256, SHA512
Modes: ECB, CBC-plain, CBC-ESSIV

Can someone please advise me on the issues I brought up in my previous 
message?

Thanks
Michael

-- 
http://michael.gorven.za.net
PGP Key ID 6612FE85
S/MIME Key ID D33AEB31

[-- Attachment #1.2: luks.diff.gz --]
[-- Type: application/x-gzip, Size: 75079 bytes --]

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

Re: LUKS Cryptography Support

[Robert Millan]

On Tue, May 27, 2008 at 01:24:47PM +0200, Michael Gorven wrote:
> Here is an initial version of my LUKS patch. I still need to clean some things 
> up, but I'd like to get some feedback regarding the design of the patch and 
> things like coding style. I currently have the following ciphers, hashes and 
> cipher modes implemented:
> 
> Ciphers: AES, CAST5, Serpent, Twofish
> Hashes: MD5, SHA1, SHA256, SHA512
> Modes: ECB, CBC-plain, CBC-ESSIV
> 
> Can someone please advise me on the issues I brought up in my previous 
> message?

Sorry for the delay.  I appreciate your effort on this.  Will reply to your
other mail now.

-- 
Robert Millan

<GPLv2> I know my rights; I want my phone call!
<DRM> What good is a phone call… if you are unable to speak?
(as seen on /.)

Re: LUKS Cryptography Support

[Robert Millan]

On Thu, May 22, 2008 at 03:56:53PM +0200, Michael Gorven wrote:
> Hi
> 
> I am currently adding support for LUKS encrypted partitions to GRUB2. Although 
> I'm far from finished, there are a few issues I'd like to address.
> 
> 1. I am using the crypto patch submitted by Simon Peter[1][2]. Are there any 
> plans to integrate this patch, or should I resubmit it as part of my patch?

I don't think it can be merged untill the legal issues are resolved.
Additionally, the maintainers (Marco and Okuji) might require paperwork,
a step at which we didn't get because of the (more problematic) GPL-incompatible
terms in license.

> 2. If I am to submit Simon's patch, what remaining issues are there with it? 
> If there is a problem with the license of the ciphers I can replace them with 
> suitable implementations.

In particular, rmd160.c was problematic:

  http://lists.gnu.org/archive/html/grub-devel/2007-09/msg00005.html

> 3. What licenses are suitable for integration with GRUB? Most of the ciphers I 
> need are available in libgcrypt[3], which is copyrighted by the FSF and under 
> LGPL 2.1. I am currently using some other code which is under GPL 2 
> however -- what is the situation with that?

FSF-copyrighted code is always ok.  As for GPL 2 code, if it's not "2 or later"
it can't be legally recombined with GPL 3 code (aside from the constraints
about paperwork, see above).

Hope that helps,

-- 
Robert Millan

<GPLv2> I know my rights; I want my phone call!
<DRM> What good is a phone call… if you are unable to speak?
(as seen on /.)

Re: LUKS Cryptography Support

[Michael Gorven]

[-- Attachment #1: Type: text/plain, Size: 1413 bytes --]

On Wednesday 28 May 2008 16:07:09 Robert Millan wrote:
> On Thu, May 22, 2008 at 03:56:53PM +0200, Michael Gorven wrote:
> > 2. If I am to submit Simon's patch, what remaining issues are there with
> > it? If there is a problem with the license of the ciphers I can replace
> > them with suitable implementations.
>
> In particular, rmd160.c was problematic:
>
>   http://lists.gnu.org/archive/html/grub-devel/2007-09/msg00005.html

I have replaced the RIPEMD160 hash with the implementation from libgcrypt.

> > 3. What licenses are suitable for integration with GRUB? Most of the
> > ciphers I need are available in libgcrypt[3], which is copyrighted by the
> > FSF and under LGPL 2.1. I am currently using some other code which is
> > under GPL 2 however -- what is the situation with that?
>
> FSF-copyrighted code is always ok.  As for GPL 2 code, if it's not "2 or
> later" it can't be legally recombined with GPL 3 code (aside from the
> constraints about paperwork, see above).

Both pieces of code are "2 or later". The situation is therefore as follows 
(excluding code written by myself and Simon):

Numerous ciphers and hashes from libgcrypt: Copyright FSF and LGPL 2.1
AES cipher from Simon's patch: LGPL 2.1
Two pieces of code I've used: GPL 2 or later

What needs to be done?

Michael

-- 
http://michael.gorven.za.net
PGP Key ID 6612FE85
S/MIME Key ID D33AEB31

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

Re: LUKS Cryptography Support

[Vesa Jääskeläinen]

Michael Gorven wrote:
> Numerous ciphers and hashes from libgcrypt: Copyright FSF and LGPL 2.1
> AES cipher from Simon's patch: LGPL 2.1

If we are to go with libgcrypt way... why you are not using AES from 
there? (or is it not available for some reason?)

> Two pieces of code I've used: GPL 2 or later

Those being?

Re: LUKS Cryptography Support

[Michael Gorven]

[-- Attachment #1: Type: text/plain, Size: 941 bytes --]

On Wednesday 28 May 2008 18:26:09 Vesa Jääskeläinen wrote:
> Michael Gorven wrote:
> > Numerous ciphers and hashes from libgcrypt: Copyright FSF and LGPL 2.1
> > AES cipher from Simon's patch: LGPL 2.1
>
> If we are to go with libgcrypt way... why you are not using AES from
> there? (or is it not available for some reason?)

Because Simon had an AES implementation in his patch already. I can replace it 
with libgcrypt's implementation if necessary.

> > Two pieces of code I've used: GPL 2 or later
>
> Those being?

AFsplitter [1] and a PBKDF2 implementation [2], both of which are used in LUKS 
key management. I noticed now that the PBKDF2 is copyright by the FSF, which 
might simplify things.

Michael

[1] http://clemens.endorphin.org/AFsplitter
[2] http://www.koders.com/c/fidB24883CA02C26631C5E52CBCB84E74E0EE58840A.aspx

-- 
http://michael.gorven.za.net
PGP Key ID 6612FE85
S/MIME Key ID D33AEB31

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

Re: LUKS Cryptography Support

[Vesa Jääskeläinen]

Michael Gorven wrote:
> On Wednesday 28 May 2008 18:26:09 Vesa Jääskeläinen wrote:
>> Michael Gorven wrote:
>>> Numerous ciphers and hashes from libgcrypt: Copyright FSF and LGPL 2.1
>>> AES cipher from Simon's patch: LGPL 2.1
>> If we are to go with libgcrypt way... why you are not using AES from
>> there? (or is it not available for some reason?)
> 
> Because Simon had an AES implementation in his patch already. I can replace it 
> with libgcrypt's implementation if necessary.

My point being that, if we have minimal set of dependencies to elsewhere 
it is easier to upgrade code to newer version if there is a need to. 
Also now you only have to monitor one software source for changes. Using 
more common implementation also benefits for some extra eyes looking at 
the code.

I know that ppl here prefer to write code from scratch, but perhaps in 
this case it would be good idea to use another GNU project for 
additional code. Security is not the easiest topic in there to write 
properly.

Re: LUKS Cryptography Support

[Michael Gorven]

[-- Attachment #1: Type: text/plain, Size: 1338 bytes --]

On Wednesday 28 May 2008 18:58:20 Vesa Jääskeläinen wrote:
> Michael Gorven wrote:
> > On Wednesday 28 May 2008 18:26:09 Vesa Jääskeläinen wrote:
> >> Michael Gorven wrote:
> >>> Numerous ciphers and hashes from libgcrypt: Copyright FSF and LGPL 2.1
> >>> AES cipher from Simon's patch: LGPL 2.1
> >>
> >> If we are to go with libgcrypt way... why you are not using AES from
> >> there? (or is it not available for some reason?)
> >
> > Because Simon had an AES implementation in his patch already. I can
> > replace it with libgcrypt's implementation if necessary.
>
> My point being that, if we have minimal set of dependencies to elsewhere
> it is easier to upgrade code to newer version if there is a need to.
> Also now you only have to monitor one software source for changes. Using
> more common implementation also benefits for some extra eyes looking at
> the code.
>
> I know that ppl here prefer to write code from scratch, but perhaps in
> this case it would be good idea to use another GNU project for
> additional code. Security is not the easiest topic in there to write
> properly.

I agree. I certainly wasn't going to write my own ciphers! I'll replace the 
AES implementation with libgcrypt's.

Michael

-- 
http://michael.gorven.za.net
PGP Key ID 6612FE85
S/MIME Key ID D33AEB31

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

Re: LUKS Cryptography Support

[Robert Millan]

On Wed, May 28, 2008 at 07:58:20PM +0300, Vesa Jääskeläinen wrote:
> 
> I know that ppl here prefer to write code from scratch, but perhaps in 
> this case it would be good idea to use another GNU project for 
> additional code. Security is not the easiest topic in there to write 
> properly.

I second that.

-- 
Robert Millan

<GPLv2> I know my rights; I want my phone call!
<DRM> What good is a phone call… if you are unable to speak?
(as seen on /.)