[dm-crypt] maximum keyfile size

All of lore.kernel.org
 help / color / mirror / Atom feed

* [dm-crypt] maximum keyfile size
@ 2012-06-28  3:36 .. ink ..
  2012-06-28  6:34 ` Heinz Diehl
  0 siblings, 1 reply; 7+ messages in thread
From: .. ink .. @ 2012-06-28  3:36 UTC (permalink / raw)
  To: dm-crypt

"cryptsetup --help" says the maximum keyfile size 8192kB.

Does the above limit apply to users of the library too?
why that number, why not a good,round number of 10MB?

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [dm-crypt] maximum keyfile size
  2012-06-28  3:36 [dm-crypt] maximum keyfile size .. ink ..
@ 2012-06-28  6:34 ` Heinz Diehl
  2012-06-28  7:01   ` .. ink ..
  0 siblings, 1 reply; 7+ messages in thread
From: Heinz Diehl @ 2012-06-28  6:34 UTC (permalink / raw)
  To: dm-crypt

On 28.06.2012, .. ink .. wrote: 

> "cryptsetup --help" says the maximum keyfile size 8192kB.

As far as I understand the crytpsetup sourcecode, the keyfile gets
hashed, and is therefore comparable with a passphrase. 8192k for a
keyfile seems massive overkill, assumed you have 256/512 bit
encryption, where it will be sufficient to generate a keyfile which
contains 32/64 random chars. 

> Does the above limit apply to users of the library too?

AFAIK this is a limit which is set at compile time, see "configure
--help". I assume it's not hardcoded.

> why that number, why not a good,round number of 10MB?

I dunno.

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [dm-crypt] maximum keyfile size
  2012-06-28  6:34 ` Heinz Diehl
@ 2012-06-28  7:01   ` .. ink ..
  2012-06-28  7:54     ` Milan Broz
  0 siblings, 1 reply; 7+ messages in thread
From: .. ink .. @ 2012-06-28  7:01 UTC (permalink / raw)
  To: dm-crypt

> AFAIK this is a limit which is set at compile time, see "configure
> --help". I assume it's not hardcoded.
>

cryptsetup 1.4.3 and 1.5.o-rc1 seem to have a typo in ./configure
--help in the key size options

both read:

  --with-keyfile-size-maxkb
                          default maximum keyfile size (in kilobytes) [8192]
  --with-passphrase-size-max
                          default maximum keyfile size (in kilobytes) [512]


the explanation for passphrase size is talking about keyfile, not
passphrase. It also seem to suggest the max passphrase length is
512000 bytes( characters) while cryptsetup --help says its 512
characters.

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [dm-crypt] maximum keyfile size
  2012-06-28  7:01   ` .. ink ..
@ 2012-06-28  7:54     ` Milan Broz
  2012-06-28 10:28       ` Heinz Diehl
       [not found]       ` <CAFnMBaSBBGvhvGHkH=T1gd3RwRkSy75SyhG+zkPow_gA4uAhFA@mail.gmail.com>
  0 siblings, 2 replies; 7+ messages in thread
From: Milan Broz @ 2012-06-28  7:54 UTC (permalink / raw)
  To: dm-crypt


On 06/28/2012 09:01 AM, .. ink .. wrote:
>> AFAIK this is a limit which is set at compile time, see "configure
>> --help". I assume it's not hardcoded.

yes, all these limit are configurable through configure switches.

> cryptsetup 1.4.3 and 1.5.o-rc1 seem to have a typo in ./configure
> --help in the key size options
> 
> both read:
> 
>   --with-keyfile-size-maxkb
>                           default maximum keyfile size (in kilobytes) [8192]
>   --with-passphrase-size-max
>                           default maximum keyfile size (in kilobytes) [512]
> 
> 
> the explanation for passphrase size is talking about keyfile, not
> passphrase. It also seem to suggest the max passphrase length is
> 512000 bytes( characters) while cryptsetup --help says its 512
> characters.

Yes, copy&paste error, will fix it.

Passphrase is interactively entered string
(from real terminal, not stdint), keyfile is everything else.

You can overwrite keyfile limit with explicitly setting --keyfile-size.
(You cannot overwrite interactive password length though.)

Both limits apply even for library.

Milan

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [dm-crypt] maximum keyfile size
  2012-06-28  7:54     ` Milan Broz
@ 2012-06-28 10:28       ` Heinz Diehl
  2012-06-28 11:36         ` Matthias Schniedermeyer
       [not found]       ` <CAFnMBaSBBGvhvGHkH=T1gd3RwRkSy75SyhG+zkPow_gA4uAhFA@mail.gmail.com>
  1 sibling, 1 reply; 7+ messages in thread
From: Heinz Diehl @ 2012-06-28 10:28 UTC (permalink / raw)
  To: dm-crypt

On 28.06.2012, Milan Broz wrote: 

> Passphrase is interactively entered string
> (from real terminal, not stdint), keyfile is everything else.

So the length of a keyfile is equivalent to the length of a
passphrase, or is there any difference which should let me choose a
bigger keyfile than one containing 64 chars for "maximum security",
assumed I'm using 512 bit encryption?

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [dm-crypt] maximum keyfile size
  2012-06-28 10:28       ` Heinz Diehl
@ 2012-06-28 11:36         ` Matthias Schniedermeyer
  0 siblings, 0 replies; 7+ messages in thread
From: Matthias Schniedermeyer @ 2012-06-28 11:36 UTC (permalink / raw)
  To: dm-crypt

On 28.06.2012 12:28, Heinz Diehl wrote:
> On 28.06.2012, Milan Broz wrote: 
> 
> > Passphrase is interactively entered string
> > (from real terminal, not stdint), keyfile is everything else.
> 
> So the length of a keyfile is equivalent to the length of a
> passphrase, or is there any difference which should let me choose a
> bigger keyfile than one containing 64 chars for "maximum security",
> assumed I'm using 512 bit encryption?

If you shoot for maximum security that means you need at last 512 bit of 
ENTROPHY not characters (per se). As there are "values/bits missing" (at 
least the "\n") a 64 char key can't have the full 512 bit entrophy.

But when using e.g. base64 encoding you can pack the full 512 bits of 
entrophy into 85.33 chars. Personally i round that up to 528 bit, to get 
an even 88 chars. For base64 encoding the length should be divisible by 
3, otherwise you still get 88 chars (in this case) but the rest is 
filled with one or two "=" (Which you could also strip, it's no like you 
you need to be able to decode the string.)

head -c 66 /dev/random | openssl base64 -A
which gets you 88 chars.
or
head -c 64 /dev/random | openssl base64 -A | tr -d =
which gets you 86 chars.

Case one has 528 bits of entropy.
Case two has 512 bits of entrophy + 4 "empty" bits.

Bis denn

-- 
Real Programmers consider "what you see is what you get" to be just as 
bad a concept in Text Editors as it is in women. No, the Real Programmer
wants a "you asked for it, you got it" text editor -- complicated, 
cryptic, powerful, unforgiving, dangerous.

^ permalink raw reply	[flat|nested] 7+ messages in thread

[parent not found: <CAFnMBaSBBGvhvGHkH=T1gd3RwRkSy75SyhG+zkPow_gA4uAhFA@mail.gmail.com>]

* Re: [dm-crypt] maximum keyfile size
       [not found]       ` <CAFnMBaSBBGvhvGHkH=T1gd3RwRkSy75SyhG+zkPow_gA4uAhFA@mail.gmail.com>
@ 2012-06-28 11:22         ` .. ink ..
  0 siblings, 0 replies; 7+ messages in thread
From: .. ink .. @ 2012-06-28 11:22 UTC (permalink / raw)
  To: dm-crypt

resending the email with below content to list, didnt check were i
sent the email and i ended up sending it not to the list

On Thu, Jun 28, 2012 at 7:17 AM, .. ink .. <mhogomchungu@gmail.com> wrote:
>> Passphrase is interactively entered string
>> (from real terminal, not stdint), keyfile is everything else.
>>
>
> i know ssh prevents reading passphrase from stdin and demands a "real terminal"
>
> I have just spent hours googling looking for any security problems
> that arise from not caring if the passphrase came from tty,file or
> pipe and havent found anything.Any person know of a link i can read up
> to get more info?.
>
> i tried with version 1.5.0 rc1 and 1.3.1 to see how cryptsetup behaves
> when it asks for a key interactively while started on a background and
> this is what i saw. There seem to be a buffer overflow somewhere.
>
> [root@mtz sbin]# ./cryptsetup luksOpen /dev/sdc1 xxx &
> [3] 29690
> [root@mtz sbin]# Enter passphrase for /dev/sdc1: pp
> Usage:  pp -t type [-a] [-i input] [-o output]
> -t type              Specify the input type (must be one of private-key,
>                     public-key, certificate, certificate-request,
>                     pkcs7, crl or name)
> -a                   Input is in ascii encoded form (RFC1113)
> -i input             Define an input file to use (default is stdin)
> -o output            Define an output file to use (default is stdout)
>
> [3]+  Stopped                 ./cryptsetup luksOpen /dev/sdc1 xxx
> [root@mtz sbin]#

^ permalink raw reply	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2012-06-28 11:36 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-06-28  3:36 [dm-crypt] maximum keyfile size .. ink ..
2012-06-28  6:34 ` Heinz Diehl
2012-06-28  7:01   ` .. ink ..
2012-06-28  7:54     ` Milan Broz
2012-06-28 10:28       ` Heinz Diehl
2012-06-28 11:36         ` Matthias Schniedermeyer
     [not found]       ` <CAFnMBaSBBGvhvGHkH=T1gd3RwRkSy75SyhG+zkPow_gA4uAhFA@mail.gmail.com>
2012-06-28 11:22         ` .. ink ..

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.