All of lore.kernel.org
 help / color / mirror / Atom feed
* [dm-crypt] [Feature request] Support for "raw" key slots
@ 2009-08-14  7:36 Thomas Bächler
  2009-08-14  8:09 ` Roscoe
  2009-08-14 10:50 ` Heinz Diehl
  0 siblings, 2 replies; 3+ messages in thread
From: Thomas Bächler @ 2009-08-14  7:36 UTC (permalink / raw)
  To: dm-crypt

The iterated hashing process used in LUKS' key slots is useful for 
(potentially weak) passphrases. However, it is useless if the key slot 
is locked with a cryptographically strong key file (like a file created 
from /dev/random).

Therefore I propose the addition of a "raw key slot" feature to LUKS, 
where a key that has the exact length of the master key is simply XOR'ed 
to the master key and saved in the key slot (after the usual striping of 
course).

I don't see any obvious security implications with this feature. If 
there are any, I'd be interested. Please consider this for a future LUKS 
specification.

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [dm-crypt] [Feature request] Support for "raw" key slots
  2009-08-14  7:36 [dm-crypt] [Feature request] Support for "raw" key slots Thomas Bächler
@ 2009-08-14  8:09 ` Roscoe
  2009-08-14 10:50 ` Heinz Diehl
  1 sibling, 0 replies; 3+ messages in thread
From: Roscoe @ 2009-08-14  8:09 UTC (permalink / raw)
  To: Thomas Bächler; +Cc: dm-crypt

It may be useless but it doesn't cause any harm.
And it may even be useful in the case of a compromised RNG.

The main advantage I see is saving on the expensive iterated hashing,
but then you could accomplish almost the same by just specifying a low
iteration count/time.

-- Roscoe

On Fri, Aug 14, 2009 at 5:36 PM, Thomas Bächler<thomas@archlinux.org> wrote:
> The iterated hashing process used in LUKS' key slots is useful for
> (potentially weak) passphrases. However, it is useless if the key slot is
> locked with a cryptographically strong key file (like a file created from
> /dev/random).
>
> Therefore I propose the addition of a "raw key slot" feature to LUKS, where
> a key that has the exact length of the master key is simply XOR'ed to the
> master key and saved in the key slot (after the usual striping of course).
>
> I don't see any obvious security implications with this feature. If there
> are any, I'd be interested. Please consider this for a future LUKS
> specification.
>
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
>

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [dm-crypt] [Feature request] Support for "raw" key slots
  2009-08-14  7:36 [dm-crypt] [Feature request] Support for "raw" key slots Thomas Bächler
  2009-08-14  8:09 ` Roscoe
@ 2009-08-14 10:50 ` Heinz Diehl
  1 sibling, 0 replies; 3+ messages in thread
From: Heinz Diehl @ 2009-08-14 10:50 UTC (permalink / raw)
  To: dm-crypt

At Fri, 14 Aug 2009 09:36:09 +0200,
Thomas Bächler wrote:

> The iterated hashing process used in LUKS' key slots is useful for
> (potentially weak) passphrases. However, it is useless if the key slot is
> locked with a cryptographically strong key file (like a file created from
> /dev/random).

There's an option "--iter-time" where you can specify/reduce the iteration
count. It's main purpose is well to slow down bruteforce attacks.
Don't know if it's that what you're after.

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2009-08-14 10:47 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-08-14  7:36 [dm-crypt] [Feature request] Support for "raw" key slots Thomas Bächler
2009-08-14  8:09 ` Roscoe
2009-08-14 10:50 ` Heinz Diehl

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.