* [dm-crypt] Plain hashing algorithm
@ 2014-12-09 14:33 John Lane
2014-12-09 15:45 ` Arno Wagner
0 siblings, 1 reply; 2+ messages in thread
From: John Lane @ 2014-12-09 14:33 UTC (permalink / raw)
To: dm-crypt
Just trying to satisfy my curiosity... hope that's ok...
When I do plain mode I can specify a hash or accept the default, ripemd160.
That isn't the full story, however, as the hash (160 bits) is stretched
to the key size (256 bits).
I've checked the source and can see the algorithm in the code
(crypt_plain.c#30-62).
I don't fully understand it but just wondered if that's some standard
alg similar PBKDF2 (which it isn't) or something specifc to cryptsetup?
I'm also curious about the "hack from hashalot". By googling that phrase
I find it's been copied into a number of other things.
Like I said, just curious.
Thanks,
John
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [dm-crypt] Plain hashing algorithm
2014-12-09 14:33 [dm-crypt] Plain hashing algorithm John Lane
@ 2014-12-09 15:45 ` Arno Wagner
0 siblings, 0 replies; 2+ messages in thread
From: Arno Wagner @ 2014-12-09 15:45 UTC (permalink / raw)
To: dm-crypt
On Tue, Dec 09, 2014 at 15:33:45 CET, John Lane wrote:
> Just trying to satisfy my curiosity... hope that's ok...
>
> When I do plain mode I can specify a hash or accept the default, ripemd160.
>
> That isn't the full story, however, as the hash (160 bits) is stretched
> to the key size (256 bits).
>
> I've checked the source and can see the algorithm in the code
> (crypt_plain.c#30-62).
>
> I don't fully understand it but just wondered if that's some standard
> alg similar PBKDF2 (which it isn't) or something specifc to cryptsetup?
You mean the stretching?
Generally, stretching keys for a block-cipher is non-critical
and you could just fill the key up with zeros. For a tiny bit
more in security, you usually pad with something non-zero. You
can also add a bit of iteration, hash in key-lengh, positions, etc.
As long as you do not mess this up, you can only make the result
stronger, not weaker.
> I'm also curious about the "hack from hashalot". By googling that phrase
> I find it's been copied into a number of other things.
Probably something hashalot did first. My guess is that
it was taken as hashalot has been around for some time and
has gotten some attention, and hence is less likely to
have some flaw in this.
Arno
> Like I said, just curious.
>
> Thanks,
> John
>
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
--
Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@wagner.name
GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato
If it's in the news, don't worry about it. The very definition of
"news" is "something that hardly ever happens." -- Bruce Schneier
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2014-12-09 15:52 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-12-09 14:33 [dm-crypt] Plain hashing algorithm John Lane
2014-12-09 15:45 ` Arno Wagner
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox