* [dm-crypt] [Feature request] Support for "raw" key slots
@ 2009-08-14 7:36 Thomas Bächler
2009-08-14 8:09 ` Roscoe
2009-08-14 10:50 ` Heinz Diehl
0 siblings, 2 replies; 3+ messages in thread
From: Thomas Bächler @ 2009-08-14 7:36 UTC (permalink / raw)
To: dm-crypt
The iterated hashing process used in LUKS' key slots is useful for
(potentially weak) passphrases. However, it is useless if the key slot
is locked with a cryptographically strong key file (like a file created
from /dev/random).
Therefore I propose the addition of a "raw key slot" feature to LUKS,
where a key that has the exact length of the master key is simply XOR'ed
to the master key and saved in the key slot (after the usual striping of
course).
I don't see any obvious security implications with this feature. If
there are any, I'd be interested. Please consider this for a future LUKS
specification.
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [dm-crypt] [Feature request] Support for "raw" key slots
2009-08-14 7:36 [dm-crypt] [Feature request] Support for "raw" key slots Thomas Bächler
@ 2009-08-14 8:09 ` Roscoe
2009-08-14 10:50 ` Heinz Diehl
1 sibling, 0 replies; 3+ messages in thread
From: Roscoe @ 2009-08-14 8:09 UTC (permalink / raw)
To: Thomas Bächler; +Cc: dm-crypt
It may be useless but it doesn't cause any harm.
And it may even be useful in the case of a compromised RNG.
The main advantage I see is saving on the expensive iterated hashing,
but then you could accomplish almost the same by just specifying a low
iteration count/time.
-- Roscoe
On Fri, Aug 14, 2009 at 5:36 PM, Thomas Bächler<thomas@archlinux.org> wrote:
> The iterated hashing process used in LUKS' key slots is useful for
> (potentially weak) passphrases. However, it is useless if the key slot is
> locked with a cryptographically strong key file (like a file created from
> /dev/random).
>
> Therefore I propose the addition of a "raw key slot" feature to LUKS, where
> a key that has the exact length of the master key is simply XOR'ed to the
> master key and saved in the key slot (after the usual striping of course).
>
> I don't see any obvious security implications with this feature. If there
> are any, I'd be interested. Please consider this for a future LUKS
> specification.
>
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
>
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [dm-crypt] [Feature request] Support for "raw" key slots
2009-08-14 7:36 [dm-crypt] [Feature request] Support for "raw" key slots Thomas Bächler
2009-08-14 8:09 ` Roscoe
@ 2009-08-14 10:50 ` Heinz Diehl
1 sibling, 0 replies; 3+ messages in thread
From: Heinz Diehl @ 2009-08-14 10:50 UTC (permalink / raw)
To: dm-crypt
At Fri, 14 Aug 2009 09:36:09 +0200,
Thomas Bächler wrote:
> The iterated hashing process used in LUKS' key slots is useful for
> (potentially weak) passphrases. However, it is useless if the key slot is
> locked with a cryptographically strong key file (like a file created from
> /dev/random).
There's an option "--iter-time" where you can specify/reduce the iteration
count. It's main purpose is well to slow down bruteforce attacks.
Don't know if it's that what you're after.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2009-08-14 10:47 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-08-14 7:36 [dm-crypt] [Feature request] Support for "raw" key slots Thomas Bächler
2009-08-14 8:09 ` Roscoe
2009-08-14 10:50 ` Heinz Diehl
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.