Re: [Qemu-devel] [PATCH 1/6] crypto: make PBKDF iterations configurable for LUKS format

All of lore.kernel.org
 help / color / mirror / Atom feed

From: "Daniel P. Berrange" <berrange@redhat.com>
To: Eric Blake <eblake@redhat.com>
Cc: qemu-devel@nongnu.org, "Marc-André Lureau" <marcandre.lureau@redhat.com>
Subject: Re: [Qemu-devel] [PATCH 1/6] crypto: make PBKDF iterations configurable for LUKS format
Date: Fri, 9 Sep 2016 10:32:46 +0100	[thread overview]
Message-ID: <20160909093246.GD25802@redhat.com> (raw)
In-Reply-To: <598cc8e9-ea94-b469-bb89-17a1af71a3dd@redhat.com>

On Thu, Sep 08, 2016 at 12:44:55PM -0500, Eric Blake wrote:
> On 09/08/2016 11:27 AM, Daniel P. Berrange wrote:
> > As protection against bruteforcing passphrases, the PBKDF
> > algorithm is tuned by counting the number of iterations
> > needed to produce 1 second of running time. If the machine
> > that the image will be used on is much faster than the
> > machine where the image is created, it can be desirable
> > to raise the number of limits. This adds a new 'iter-time'
> 
> s/limits/iterations/ ?
> 
> > property that allows the user to choose the iteration
> > wallclock time.
> > 
> > Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> > ---
> >  block/crypto.c      |  6 ++++++
> >  crypto/block-luks.c | 32 +++++++++++++++++++++++---------
> >  qapi/crypto.json    |  6 +++++-
> >  3 files changed, 34 insertions(+), 10 deletions(-)
> > 
> 
> > +++ b/crypto/block-luks.c
> > @@ -917,8 +917,12 @@ qcrypto_block_luks_create(QCryptoBlock *block,
> >      const char *hash_alg;
> >      char *cipher_mode_spec = NULL;
> >      QCryptoCipherAlgorithm ivcipheralg = 0;
> > +    uint64_t iters;
> >  
> >      memcpy(&luks_opts, &options->u.luks, sizeof(luks_opts));
> > +    if (!luks_opts.has_iter_time) {
> > +        luks_opts.iter_time = 1000;
> > +    }
> >      if (!luks_opts.has_cipher_alg) {
> >          luks_opts.cipher_alg = QCRYPTO_CIPHER_ALG_AES_256;
> >      }
> > @@ -1064,7 +1068,7 @@ qcrypto_block_luks_create(QCryptoBlock *block,
> >      /* Determine how many iterations we need to hash the master
> >       * key, in order to have 1 second of compute time used
> >       */
> > -    luks->header.master_key_iterations =
> > +    iters = luks_opts.iter_time *
> >          qcrypto_pbkdf2_count_iters(luks_opts.hash_alg,
> 
> luks_opts.iter_time is a user-provided 64-bit value, so this
> multiplication can overflow...

Oh doh, there I was thinkig it was just a 32bit int...

Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|

next prev parent reply	other threads:[~2016-09-09  9:32 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-09-08 16:27 [Qemu-devel] [PATCH 0/6] crypto: misc tweaks & improvements to pbkdf code Daniel P. Berrange
2016-09-08 16:27 ` [Qemu-devel] [PATCH 1/6] crypto: make PBKDF iterations configurable for LUKS format Daniel P. Berrange
2016-09-08 17:44   ` Eric Blake
2016-09-09  9:32     ` Daniel P. Berrange [this message]
2016-09-08 16:27 ` [Qemu-devel] [PATCH 2/6] crypto: clear out buffer after timing pbkdf algorithm Daniel P. Berrange
2016-09-08 17:47   ` Eric Blake
2016-09-09  9:35     ` Daniel P. Berrange
2016-09-08 16:27 ` [Qemu-devel] [PATCH 3/6] crypto: use correct derived key size when timing pbkdf Daniel P. Berrange
2016-09-08 17:51   ` Eric Blake
2016-09-08 16:27 ` [Qemu-devel] [PATCH 4/6] crypto: remove bogus /= 2 for pbkdf iterations Daniel P. Berrange
2016-09-08 17:52   ` Eric Blake
2016-09-08 16:27 ` [Qemu-devel] [PATCH 5/6] crypto: increase default pbkdf2 time for luks to 2 seconds Daniel P. Berrange
2016-09-08 17:53   ` Eric Blake
2016-09-08 16:27 ` [Qemu-devel] [PATCH 6/6] crypto: support more hash algorithms for pbkdf Daniel P. Berrange
2016-09-08 17:57   ` Eric Blake
2016-09-09  9:31     ` Daniel P. Berrange
2016-09-08 19:48 ` [Qemu-devel] [PATCH 0/6] crypto: misc tweaks & improvements to pbkdf code no-reply

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20160909093246.GD25802@redhat.com \
    --to=berrange@redhat.com \
    --cc=eblake@redhat.com \
    --cc=marcandre.lureau@redhat.com \
    --cc=qemu-devel@nongnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.