From: "shmick@riseup.net" <shmick@riseup.net>
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] Few questions from a new user
Date: Fri, 10 Jan 2014 01:58:18 +1100 [thread overview]
Message-ID: <52CEB90A.1030908@riseup.net> (raw)
In-Reply-To: <CAFnMBaSrO=UXS8FCVA5xVcEha2f++u8ryP94kwGEq=VpOCHoZw@mail.gmail.com>
.. ink ..:
> On Thu, Jan 9, 2014 at 1:51 AM, Arno Wagner <arno@wagner.name> wrote:
>
>> Hi Konrad,
>>
>> On Wed, Jan 08, 2014 at 23:35:42 CET, Konrad wrote:
>>> I am new to disk encryption and I have been reading on it for the
>>> last days, but I am still confused on some points. I would
>>> appreciate if someone knowledgeable could clue me in.
>>
>> If you have not found it yet, the FAQ is at
>> http://code.google.com/p/cryptsetup/wiki/FrequentlyAskedQuestions
>>
>>> 1. Is SHA1 just as secure for this purpose as SHA512? After reading
>>> cryptsetup docs I have a feeling that yes, but I get conflicting
>>> opinions from various people, so I thought it's best ask at the
>>> source.
>>
>> It is. These "various people" likely do not understand what the
>> attacks on SHA1 actually are but merely heard that it was "insecure".
>> See also FAQ Item 5.20
>>
>>
> We live in the world of twitter where you automatically loose when you need
> to explain yourself.
you might - not everybody else does
>
> More and more of this type of question will start to show up and this
> inquiry just showed an explanation in the FAQ is not enought to offer
> assurance and giving an answer each and every time here will get boring
> pretty soon and rudeness will ensue.
wouldn't need to if one slows down, takes a cup of coffee and read
elsewhere on the big old internet
patience is a virtue; you won't be secure if you're in a hurry
>
> Whats the worse that could happen if the default is switched to SHA2?If it
> makes no practical difference,then switching seem to be a better
> alternative just to silence these kind of questions as their existence puts
> doubt in cryptsetup's security robustness.
you don't have to use defaults - you're free to do what you like
but show us that defaults are not safe; please do
>
>
>
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
>
next prev parent reply other threads:[~2014-01-09 15:07 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-01-08 22:35 [dm-crypt] Few questions from a new user Konrad
2014-01-09 6:51 ` Arno Wagner
2014-01-09 11:22 ` .. ink ..
2014-01-09 14:58 ` shmick [this message]
2014-01-10 5:04 ` Arno Wagner
2014-01-10 5:00 ` Arno Wagner
-- strict thread matches above, loose matches on Subject: below --
2014-01-10 14:31 Arno Wagner
2014-01-10 15:33 ` .. ink ..
2014-01-10 16:36 ` Arno Wagner
2014-01-10 16:08 ` Milan Broz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=52CEB90A.1030908@riseup.net \
--to=shmick@riseup.net \
--cc=dm-crypt@saout.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.