DM-Crypt Archive on lore.kernel.org
From: Erik Logtenberg <erik@logtenberg.eu>
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] How to increase key size of existing volume
Date: Tue, 11 Dec 2012 16:34:40 +0100	[thread overview]
Message-ID: <50C75290.1060003@logtenberg.eu> (raw)
In-Reply-To: <20121211150918.GB2194@tansi.org>

Hi Arno,

Thanks for your explanation. It is good to know that the 128 bit
symmetric encryption key is still considered okay to some extent.

I did try the keylength site, and if I want my volume to be secure until
roughly a decade after my projected demise, say 2100, then the advised
symmetric key size is already 135, 147 or 256 depending on the used
method. So it'd still be somewhat better to increase the current 128 a bit.

> (you do have backup, right?).

Actually I am talking about my backup volume. And as such, it is quite a
bit of data, that I don't have a (second) backup of. Neither do I have
enough storage available to make an additional backup, nor the required
amount of time, since a full copy/restore of such a volume would take weeks.

In fact, there seems to be a second use case for re-encrypting an
existing volume. I read some articles explaining the possibility to use
the luksDump command in conjunction with the --dump-master-key option on
a mounted luks volume, to reset the password even if the current
password is no longer known.
Additionally, also the luksHeaderBackup command is available to extract
the master key.

So there are at least two methods of extracting a master key. Now if I
would suspect that a machine, that has a luks volume mounted, was
compromised to the extent that someone had temporarily gained root
access, I would not only have to reset (all) passwords after fixing the
security hole, but also I would have to create a new master key to be sure.

Is the cryptsetup-reencrypt tool also meant for that purpose?

Thanks,

Erik.


On 12/11/2012 04:09 PM, Arno Wagner wrote:
> On Tue, Dec 11, 2012 at 03:46:19PM +0100, Erik Logtenberg wrote:
>> Dear list,
>>
>> I have been using luks for quite some time, and as a result I have
>> several luks volumes in use that are still based on 128 bits key sizes.
>> Current default in Fedora is already upped to 256 bits and RSA even
>> advises key sizes of 1024 or even 2048 for highly secure stuff.
> 
> You are confusing symmetric and asymmetric keys here. 2048 bit
> asymmetric is (very roughly) equivalent to 128 bit symmetric.
> 
> Have a look here for currently recommended key sizes:
> 
>   http://www.keylength.com/
> 
> There is no indication that anybody can break 128 bit AES
> at this time or in the next few decades. Your passphrase
> has likely a lot less entropy anyways and is the better
> target.
>
>> So, how do I increase the key size? In man cryptsetup I see that the
>> --key-size option only applies to the create, luksFormat and loopaesOpen
>> commands. Is there any way I can make this happen?
> 
> It is unnecessary. If you really want to, use your normal
> backup procedure, recreate a new LUKS volume and restore
> (you do have backup, right?).
> 
> There is also a re-encryption in place tool by Milan, but that is
> experimental and definitely requires a current backup.
> It is called "cryptsetup-reencrypt" and part of the source package
> as of version 1.5.0 (current version is 1.5.1).
> 
> Arno
>
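Erik's situation above (several LUKS volumes still at 128-bit master keys, spread over machines) is easiest to handle with a small audit step before deciding which volumes need the backup-and-recreate or cryptsetup-reencrypt route Arno describes. The script below is an added example, not code from the thread or from cryptsetup: it parses the "MK bits" line of LUKS1 "cryptsetup luksDump" output and flags volumes whose master key is below a chosen minimum. The dump text is a constructed sample, not a real device; the field label is the LUKS1 one (LUKS2 headers print key sizes differently).

```shell
#!/bin/sh
# Audit helper (added example): find LUKS1 volumes whose master key
# is smaller than the size you want, from "cryptsetup luksDump" text.

# luks_mk_bits DUMP_TEXT
#   Prints the master key size from the "MK bits:" header line.
#   Prints nothing if the line is absent (e.g. not a LUKS1 dump).
luks_mk_bits() {
    printf '%s\n' "$1" |
        awk -F: '/^MK bits:/ { gsub(/[ \t]/, "", $2); print $2; exit }'
}

# luks_needs_rekey DUMP_TEXT MIN_BITS
#   Exit 0 if the master key is below MIN_BITS (volume should be
#   re-created or re-encrypted with a larger key), 1 if it is fine,
#   2 if the dump could not be parsed.
luks_needs_rekey() {
    bits=$(luks_mk_bits "$1")
    [ -n "$bits" ] || return 2
    [ "$bits" -lt "$2" ]
}

# Constructed sample of LUKS1 luksDump output, not from a real device.
# Real output separates label and value with a tab; gsub() above
# strips both tabs and spaces.
SAMPLE_DUMP='LUKS header information for /dev/mapper/example

Version:        1
Cipher name:    aes
Cipher mode:    cbc-essiv:sha256
Hash spec:      sha1
Payload offset: 2056
MK bits:        128
UUID:           00000000-0000-0000-0000-000000000000
'

# Real use would feed each device through cryptsetup instead of the
# sample, e.g.:
#   dump=$(cryptsetup luksDump "$dev")
#   luks_needs_rekey "$dump" 256 && echo "$dev: $(luks_mk_bits "$dump") bits, rekey"
if luks_needs_rekey "$SAMPLE_DUMP" 256; then
    echo "sample volume: $(luks_mk_bits "$SAMPLE_DUMP") bits, rekey recommended"
fi
```

Before acting on a flagged volume, take a header backup with "cryptsetup luksHeaderBackup" (as the thread notes, that backup also contains the master key, so store it as carefully as the volume itself).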

Thread overview:
2012-12-11 14:46 [dm-crypt] How to increase key size of existing volume Erik Logtenberg
2012-12-11 15:09 ` Arno Wagner
2012-12-11 15:34   ` Erik Logtenberg [this message]
2012-12-11 15:48     ` Milan Broz
2012-12-11 16:34     ` Arno Wagner