From: Milan Broz <gmazyland@gmail.com>
To: "doffloster@gmail.com" <doffloster@gmail.com>,
	cryptsetup@lists.linux.dev
Subject: Re: sha256 in "AF hash" despite using sha512 during luksFormat
Date: Sat, 10 Sep 2022 07:25:51 +0200
Message-ID: <7f403984-bd0d-9b75-d0eb-0cacbb41810d@gmail.com>
In-Reply-To: <CACHosL-Nxs5dHJddw8RjqnK4d7OewzA2FT6G1ZQcAhw=PzLLpQ@mail.gmail.com>

On 10/09/2022 00:50, doffloster@gmail.com wrote:
> Dear cryptsetup/LUKS Team,
> 
> I was using sha512 in the luksFormat command.
> Later I used luksAddKey while thinking that it should be using the
> sha512 hash that I defined in luksFormat.
> But, when I did luksDump, then I noticed that the field "AF hash" for
> the second key (which was added via luksAddKey ; its keyslot is #1)
> contains the value "sha256".

The digest hash remains the same. It is changed only if the digest
is recalculated later (reencryption).

(In LUKS1 there was only one hash algorithm used for everything,
in LUKS2 you can have different algorithms per keyslots, digest and AF but
for digest and AF there is no API to change it later.)

BTW SHA512, especially for AF, is overkill, it will not help anything.
Why do you want to use it there? The whole idea for AF is just to
diffuse the key on a larger area - any hash algorithm here works ok.

For digest it has no security improvement either, as the input is
a randomly generated key and if you want to run bruteforce on it, it is much
faster to try to decrypt some sector where you can detect correct plaintext
than to use slow digest PBKDF2 here.

m.
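
Added illustration (not part of the message above and not cryptsetup's code): a Python sketch of an anti-forensic split/merge in the style of the LUKS AF splitter. It shows that the hash only diffuses the key across the stripes, so sha256 and sha512 both recover the key, while one flipped bit in the stored material destroys it. The function names, stripe count and key size are assumptions chosen for the example.

```python
import hashlib
import os
import struct

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _diffuse(block: bytes, hash_name: str) -> bytes:
    """Hash the block in digest-sized chunks, each prefixed by its big-endian index."""
    dlen = hashlib.new(hash_name).digest_size
    out = bytearray()
    for idx, off in enumerate(range(0, len(block), dlen)):
        chunk = block[off:off + dlen]
        digest = hashlib.new(hash_name, struct.pack(">I", idx) + chunk).digest()
        out += digest[:len(chunk)]  # a short final chunk takes a truncated digest
    return bytes(out)

def af_split(key: bytes, stripes: int, hash_name: str) -> bytes:
    """Expand key into stripes * len(key) bytes; every stripe is needed to merge."""
    acc = bytes(len(key))
    out = bytearray()
    for _ in range(stripes - 1):
        rnd = os.urandom(len(key))      # random stripe, stored as-is
        out += rnd
        acc = _diffuse(_xor(acc, rnd), hash_name)
    out += _xor(key, acc)               # last stripe binds the key to all others
    return bytes(out)

def af_merge(material: bytes, key_len: int, stripes: int, hash_name: str) -> bytes:
    """Recover the key; must use the same hash that was used for the split."""
    acc = bytes(key_len)
    for i in range(stripes - 1):
        acc = _diffuse(_xor(acc, material[i * key_len:(i + 1) * key_len]), hash_name)
    return _xor(material[(stripes - 1) * key_len:stripes * key_len], acc)

def demo(stripes: int = 4000, key_len: int = 64) -> dict:
    key = os.urandom(key_len)           # constructed sample key, not a real volume key
    results = {}
    for h in ("sha256", "sha512"):
        material = af_split(key, stripes, h)
        damaged = bytearray(material)
        damaged[0] ^= 1                 # simulate one damaged or wiped bit on disk
        results[h] = (len(material), af_merge(material, key_len, stripes, h) == key,
                      af_merge(bytes(damaged), key_len, stripes, h) == key)
    return results

if __name__ == "__main__":
    print(demo())
```

Because the merge must repeat the same diffusion, the hash used for the split has to be known when the keyslot is read back, which is why an AF hash shows up per keyslot in the luksDump output.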
