From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.saout.de ([127.0.0.1]) by localhost (mail.saout.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3OCfOL5aqhUL for ; Tue, 11 Dec 2012 17:33:23 +0100 (CET) Received: from v4.tansi.org (ns.km33513-03.keymachine.de [87.118.94.3]) by mail.saout.de (Postfix) with ESMTP for ; Tue, 11 Dec 2012 17:33:23 +0100 (CET) Received: from gatewagner.dyndns.org (84-74-164-49.dclient.hispeed.ch [84.74.164.49]) by v4.tansi.org (Postfix) with ESMTPA id 823051404001 for ; Tue, 11 Dec 2012 17:33:23 +0100 (CET) Date: Tue, 11 Dec 2012 17:34:07 +0100 From: Arno Wagner Message-ID: <20121211163407.GA2889@tansi.org> References: <50C7473B.5090208@logtenberg.eu> <20121211150918.GB2194@tansi.org> <50C75290.1060003@logtenberg.eu> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <50C75290.1060003@logtenberg.eu> Subject: Re: [dm-crypt] How to increase key size of existing volume List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de On Tue, Dec 11, 2012 at 04:34:40PM +0100, Erik Logtenberg wrote: > Hi Arno, > > Thanks for your explanation. You are welcome. > It is good to know that the 128 bit > symmetric encryption key is still considered okay to some extent. Until AES gets (real-world) broken, it will be secure. So not only "to some extent" ;-) > I did try the keylength site, and if I want my volume to be secure until > roughly a decade after my projected demise, say 2100, then the adviced > symmetric key size is already 135, 147 or 256 depending on the used > method. So it'd still be somewhat better to increase the current 128 a bit. There are no reliable forecasts for 2100. Even 30 years is highly speculative. Brute-forcing 128 bits may not be possible even in 2100, but AES may get broken. And, as I said, your passphrase needs to be 128 bit as well (well, accounting for iteration, only something like 110 bit, but that is still 22 random characters and letters). > > (you do have backup, right?). > > Actually I am talking about my backup volume. And as such, it is quite a > bit of data, that I don't have a (second) backup of. Neither do I have > enough storage available to make an additional backup, nor the required > amount of time, since a full copy/restore of such a volume would take weeks. I see. My advice would be to get that second backup and just copy the primary backup over to it. > In fact, there seems to be a second use case for re-encrypting an > existing volume. I read some articles explaining the possibility to use > the luksDump command in conjunction with the --dump-master-key option on > a mounted luks volume, to reset the password even if the current > password is no longer known. > Additionally, also the luksHeaderBackup command is available to extract > the master key. That does not help you to change the master key, and that is what you need to do if you want a longer one. A better passphrase can just be added (luksAddKey) and then the old one removed (luksRemoveKey). But with this the master key and disk encryption cipher stay the same. > So there are at least two methods of extracting a master key. Now if I > would suspect that a machine, that has a luks volume mounted, was > compromised to the extent that someone had temporaryly gained root > access, I would not only have to reset (all) passwords after fixing the > security hole, but also I would have to create a new master key to be sure. Yes. And new data, as the attacker had access to all of it. Of course, that is usually not possible... > Is the cryptsetup-reencrypt tool also meant for that purpose? In fact that would be its primary use. And the case does arise. Milan is a very careful developer/maintainer and would not have created a potentially unsafe tool like this otherwise. Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@wagner.name GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- One of the painful things about our time is that those who feel certainty are stupid, and those with any imagination and understanding are filled with doubt and indecision. -- Bertrand Russell