From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.saout.de ([127.0.0.1]) by localhost (mail.saout.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vVk1hrtpZlhD for ; Fri, 10 Jan 2014 17:08:39 +0100 (CET) Received: from mail-ea0-x236.google.com (mail-ea0-x236.google.com [IPv6:2a00:1450:4013:c01::236]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mail.saout.de (Postfix) with ESMTPS for ; Fri, 10 Jan 2014 17:08:39 +0100 (CET) Received: by mail-ea0-f182.google.com with SMTP id a15so2176723eae.27 for ; Fri, 10 Jan 2014 08:08:37 -0800 (PST) Received: from [192.168.2.18] (56.157.broadband5.iol.cz. [88.100.157.56]) by mx.google.com with ESMTPSA id b41sm15656555eef.16.2014.01.10.08.08.31 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Fri, 10 Jan 2014 08:08:35 -0800 (PST) Message-ID: <52D01AFE.6080705@gmail.com> Date: Fri, 10 Jan 2014 17:08:30 +0100 From: Milan Broz MIME-Version: 1.0 References: <20140110143103.GA28677@tansi.org> In-Reply-To: <20140110143103.GA28677@tansi.org> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: Re: [dm-crypt] Few questions from a new user List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de On 01/10/2014 03:31 PM, Arno Wagner wrote: > If you look at the header specification linked here: > http://code.google.com/p/cryptsetup/wiki/Specification > > in Figure 1 you find the cipher and mode for the actual disk > encryption, and the "hash-spec" which is the hash-function > used by PBKDF2. Just one more addition - specified hash algorithm (in hash-spec header field) is also used in LUKS anti-forensic filter. Also there using SHA1 causes no problem, AF solves different problem there (split key into multiple sectors). See spec above as well. Milan