From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.saout.de ([127.0.0.1]) by localhost (mail.saout.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DWG50RAoQ3us for ; Sun, 10 Jul 2011 18:29:15 +0200 (CEST) Received: from mail-gy0-f178.google.com (mail-gy0-f178.google.com [209.85.160.178]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by mail.saout.de (Postfix) with ESMTPS for ; Sun, 10 Jul 2011 18:29:14 +0200 (CEST) Received: by gyf1 with SMTP id 1so1512495gyf.37 for ; Sun, 10 Jul 2011 09:29:12 -0700 (PDT) Message-ID: <4E19D356.7020504@gmail.com> Date: Sun, 10 Jul 2011 12:29:10 -0400 From: =?ISO-8859-1?Q?Jorge_F=E1bregas?= MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: [dm-crypt] MK Digest Size List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de Hello everyone, I'm new to DM-Crypt/LUKS and I'm wondering why is it that, when I format a partition (luksFormat) using --hash sha256, I still get to see 20 HEX characters (160 bits) for the MK digest? Shouldn't I see 32 HEX chars (256 bits)? Or is that sha256 is used in the PBKDF2 process but the function is instructed to deliver just 160 bits? One final thing just to make sure: is the algorithm that appears under "Hash spec" in the header..is this the same hash-algorithm used (along with PBKDF2) for the user-keys? as well as the one used with PBKDF2 for the MK digest? The man page says for the hash option: ...used in LUKS key setup scheme and volume key digest. So it appears that "Hash spec" is used for both...but then, I don't understand why I get just 160 bits when I specify sha256 :( Thanks! Regards, Jorge