From: Milan Broz <mbroz@redhat.com>
To: Christoph Anton Mitterer
<christoph.anton.mitterer@physik.uni-muenchen.de>
Cc: dm-crypt@saout.de
Subject: Re: [dm-crypt] miscellaneous dm-crypt/LUKS/cryptsetup questions
Date: Fri, 28 May 2010 13:26:12 +0200 [thread overview]
Message-ID: <4BFFA854.3030807@redhat.com> (raw)
In-Reply-To: <1275044175.14998.103.camel@etppc09.garching.physik.uni-muenchen.de>
On 05/28/2010 12:56 PM, Christoph Anton Mitterer wrote:
> On Thu, 2010-05-27 at 16:45 +0200, Milan Broz wrote:
>>> So would it be better for now to do a --master-key-file /dev/random?
>>> Or is this not as secure (as urandom) in this case?
>>
>> --master-key-file intentionally can read only regular file.
master-key-file is new option which allows using pre-generated master key.
Please use it only if you must - it was designed for Key Escrow functions,
(which uses libcryptsetup directly anyway) not for normal use.
>>
>> (read from /dev/random can return if there is not enough entropy, it needs
>> implement some more code to use.)
> Is it then secure (an better than using /dev/urandom) to do something
> like:
>
> mount -t tmpfs foo /mnt
> cd /mnt
> dd if=/dev/random of=mk bs=1 count=64
> cryptsetup --master-key-file mk -s 512 -c aes-xts-plain --key-file
> someKeyFile luksFormat /dev/blafasl
>
> ?
> The master key should not be leaked to disk,... it 64 bytes large, and a
> keyfile is used to encrypt it.
>
> Or better stick with urandom?
See above, do not use it at all just run luksFormat in your case which
generate key from /dev/urandom.
>> This is LUKS (keyslot) hash algorithm used (together with PBKDF2) when
>> unlocking keyslot.
>> (see documentation again, project site http://code.google.com/p/cryptsetup/
>> -> Specification)
> Can/should I change it to something "better" (e.g. SHA512)?
> I guess this could be done by simply exchanging the key slots and I do
> not have to reencrypt the whole disk?
First read archive discussion about that - there is no problem with SHA1 in this use.
You can define hash during luksFormat (-h <alg>) with cryptsetup 1.1.x, but if you select
somethin other than sha1, it will be incompatible with old distros.
You cannot change it later (only by reformatting header).
Milan
next prev parent reply other threads:[~2010-05-28 11:26 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-05-27 12:51 [dm-crypt] miscellaneous dm-crypt/LUKS/cryptsetup questions Christoph Anton Mitterer
2010-05-27 13:53 ` Milan Broz
2010-05-27 14:20 ` Christoph Anton Mitterer
2010-05-27 14:45 ` Milan Broz
2010-05-27 16:21 ` Mario 'BitKoenig' Holbe
2010-05-27 18:21 ` Milan Broz
2010-05-27 21:41 ` Roscoe
2010-05-27 22:12 ` Arno Wagner
2010-05-28 7:39 ` Mario 'BitKoenig' Holbe
2010-05-28 8:03 ` Milan Broz
2010-05-28 11:05 ` Christoph Anton Mitterer
2010-05-28 12:11 ` Mario 'BitKoenig' Holbe
2010-05-28 10:56 ` Christoph Anton Mitterer
2010-05-28 11:26 ` Milan Broz [this message]
2010-05-28 15:36 ` Arno Wagner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4BFFA854.3030807@redhat.com \
--to=mbroz@redhat.com \
--cc=christoph.anton.mitterer@physik.uni-muenchen.de \
--cc=dm-crypt@saout.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox