From: Milan Broz <mbroz@redhat.com>
To: Maciej Pilichowski <bluedzins@wp.pl>
Cc: dm-crypt@saout.de
Subject: Re: [dm-crypt] How to activate hash module?
Date: Sun, 13 Mar 2011 21:22:14 +0100
Message-ID: <4D7D2776.50101@redhat.com>
In-Reply-To: <201103131958.30968.bluedzins@wp.pl>
On 03/13/2011 07:58 PM, Maciej Pilichowski wrote:
>> I guess it is "sha1", if so, simply remove rmd320 hash option and
>> it will work again.
>
> You are 100% correct and thank you a million times for help! The sad
> fact is I am an example of blindly trusting other parties, that
> something actually works, when it does not.

"plain" mode means directly configured dmcrypt - no metadata
on disk. In cryptsetup it is used in the "create" command.
In this mode you either provide the key directly or the key is
just the hashed passphrase.

In LUKS, the encryption key is always generated from RNG
(random number generator) and the passphrase just unlocks and decrypts
the metadata area on disk, where this key is stored.

So for LUKS there is no passphrase hashing, thus that parameter
was not needed (in its former meaning).

But because LUKS uses a hash internally (in PBKDF2, AF splitter and key digest)
(for exact description see http://code.google.com/p/cryptsetup/wiki/Specification)
and some people want to use a different algorithm, this option
was added even for LUKS mode.
(But changing the hash means a backward incompatible setting.)

Side note: Still, no need to worry about SHA1 use here. As long as SHA1 remains
a one-way function, it should not cause problems here. Collision resistance
or second preimage is not a problem for this use - even if you
are able to find a collision (with all the iterations), the worst situation
I can imagine is that cryptsetup will accept this key (key digest),
but because the decrypted key is a collision key, not the real key, you will get
garbage instead of real data.

For the anti-forensic splitter these attacks are irrelevant as well.

Quite simplified - please correct me if I am wrong here :-)

>> (Hash switch was useful only for plain mapping for passphrase
>> hashing.)
>
> If I may ask a bit off-topic question:
> * you wrote "was", so now it is useful in general?
> * what do you mean by "plain mapping"? (I googled with no success)

See above. I meant that -h is now used for LUKS as well, just doing something
different. For plain mode (passphrase hashing) it remains exactly the same.

Milan
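
The plain-versus-LUKS distinction described in the message above, as an added sketch that is not part of the original message and not cryptsetup's code: in plain mode the key is the hashed passphrase, while in the LUKS-like model a random master key is stored wrapped and a PBKDF2 key digest only checks the unlocked candidate. The names `plain_key`, `luks_format` and `luks_open` are hypothetical, the XOR wrap is a toy stand-in for the real AF splitter and cipher, and the plain-mode model only truncates the digest.

```python
import hashlib
import hmac
import os

DIGEST_LEN = 20  # length of the stored key digest in this model


def plain_key(passphrase: bytes, hash_name: str = "sha1", key_len: int = 16) -> bytes:
    """Plain mode: no metadata, the volume key is just the hashed passphrase."""
    digest = hashlib.new(hash_name, passphrase).digest()
    if key_len > len(digest):
        raise ValueError("this model only truncates; pick key_len <= digest size")
    return digest[:key_len]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def luks_format(passphrase: bytes, hash_name: str = "sha1",
                key_len: int = 32, iters: int = 1000):
    """LUKS-like: random master key, passphrase only unlocks the stored copy."""
    master_key = os.urandom(key_len)            # from the RNG, not the passphrase
    header = {"hash": hash_name, "iters": iters,
              "slot_salt": os.urandom(32), "digest_salt": os.urandom(32)}
    slot_key = hashlib.pbkdf2_hmac(hash_name, passphrase,
                                   header["slot_salt"], iters, key_len)
    # Toy XOR wrap: stand-in for the AF splitter plus cipher of a real key slot.
    header["wrapped_key"] = _xor(master_key, slot_key)
    header["mk_digest"] = hashlib.pbkdf2_hmac(hash_name, master_key,
                                              header["digest_salt"], iters, DIGEST_LEN)
    return master_key, header


def luks_open(passphrase: bytes, header: dict):
    """Return the master key if the candidate matches the key digest, else None."""
    h, n = header["hash"], header["iters"]
    slot_key = hashlib.pbkdf2_hmac(h, passphrase, header["slot_salt"], n,
                                   len(header["wrapped_key"]))
    candidate = _xor(header["wrapped_key"], slot_key)
    check = hashlib.pbkdf2_hmac(h, candidate, header["digest_salt"], n, DIGEST_LEN)
    return candidate if hmac.compare_digest(check, header["mk_digest"]) else None


if __name__ == "__main__":
    pw = b"constructed sample passphrase"
    print("plain sha1  :", plain_key(pw, "sha1").hex())
    print("plain sha256:", plain_key(pw, "sha256").hex())
    mk, hdr = luks_format(pw)
    print("LUKS-like open ok:", luks_open(pw, hdr) == mk)
    print("wrong passphrase :", luks_open(b"wrong", hdr))
```

Reading the header back with a different hash name than it was formatted with makes `luks_open` fail, which is the backward incompatibility the message mentions.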