From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.saout.de ([127.0.0.1]) by localhost (mail.saout.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ic4Ge7oMvVze for ; Wed, 8 Jan 2014 23:35:47 +0100 (CET) Received: from mail-ee0-x229.google.com (mail-ee0-x229.google.com [IPv6:2a00:1450:4013:c00::229]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mail.saout.de (Postfix) with ESMTPS for ; Wed, 8 Jan 2014 23:35:47 +0100 (CET) Received: by mail-ee0-f41.google.com with SMTP id t10so961199eei.14 for ; Wed, 08 Jan 2014 14:35:46 -0800 (PST) Received: from [192.168.7.7] (a207.net131.okay.pl. [85.28.131.207]) by mx.google.com with ESMTPSA id l4sm89226een.13.2014.01.08.14.35.43 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 08 Jan 2014 14:35:43 -0800 (PST) Message-ID: <52CDD2BE.3050101@gmail.com> Date: Wed, 08 Jan 2014 23:35:42 +0100 From: Konrad MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: [dm-crypt] Few questions from a new user List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de I am new to disk encryption and I have been reading on it for the last days, but I am still confused on some points. I would appreciate if someone knowledgeable could clue me in. 1. Is SHA1 just as secure for this purpose as SHA512? After reading cryptsetup docs I have a feeling that yes, but I get conflicting opinions from various people, so I thought it's best ask at the source. Also, does the hash used have any impact on performance of disk access/read/write once the system is booted? Again, I suppose not, but better to make sure, especially since my laptop is not a powerhouse. 2. The more I read, the more I am confused about the algorythms. Everything I read says that AES is the fastest, and Serpent is the slowest. But not according to my laptop: $ cryptsetup benchmark Tests are approximate using memory only (no storage IO). PBKDF2-sha1 344926 iterations per second PBKDF2-sha256 198593 iterations per second PBKDF2-sha512 129007 iterations per second PBKDF2-ripemd160 271933 iterations per second PBKDF2-whirlpool 134295 iterations per second # Algorithm | Key | Encryption | Decryption aes-cbc 128b 149.8 MiB/s 147.9 MiB/s serpent-cbc 128b 51.0 MiB/s 196.4 MiB/s twofish-cbc 128b 127.6 MiB/s 152.5 MiB/s aes-cbc 256b 114.3 MiB/s 113.8 MiB/s serpent-cbc 256b 51.2 MiB/s 198.9 MiB/s twofish-cbc 256b 129.8 MiB/s 167.5 MiB/s aes-xts 256b 153.3 MiB/s 150.6 MiB/s serpent-xts 256b 176.4 MiB/s 184.1 MiB/s twofish-xts 256b 160.8 MiB/s 159.8 MiB/s aes-xts 512b 115.4 MiB/s 112.1 MiB/s serpent-xts 512b 178.6 MiB/s 184.2 MiB/s twofish-xts 512b 160.7 MiB/s 158.9 MiB/s I suppose this is because it has no AES-IN optimisation (it is one of the last Core 2 Duo P9500), but still Serpent beats the others by quite a margin. Plus, on top of that, it seems to be the fastest with the most complex key. I thought it should be the other way around...? So should I go ahead and use serpent-xts 512b, or is there a catch? 3. I would like to do full disk encryption, and would like to have those methods of unlocking upon boot: A - my short but complex password B - long but easy-to-dictate password that I would give to people who need to access my laptop when I'm not there, without compromising my own password C - if a USB key with key file is present, I want the computer to not as for the password upon boot Are all three possible with dm-crypt+LUKS? And if so, do I have to set them all up while I enctypt my disks, or can B and/or C be done afterwards?