[dm-crypt] MK Digest Size

Jorge Fábregas jorge.fabregas at gmail.com
Sun Jul 10 18:29:10 CEST 2011


Hello everyone,

I'm new to DM-Crypt/LUKS and I'm wondering why is it that, when I format
a partition (luksFormat) using --hash sha256, I still get to see 20 HEX
characters (160 bits) for the MK digest?  Shouldn't I see 32 HEX chars
(256 bits)?   Or is that sha256 is used in the PBKDF2 process but the
function is instructed to deliver just 160 bits?

One final thing just to make sure:  is the algorithm that appears under
"Hash spec" in the header..is this the same hash-algorithm used (along
with PBKDF2) for the user-keys? as well as the one used with PBKDF2 for
the MK digest?

The man page says for the hash option:   ...used in LUKS key setup
scheme and volume key digest.  So it appears that "Hash spec" is used
for both...but then, I don't understand why I get just 160 bits when I
specify sha256 :(

Thanks!

Regards,
Jorge


More information about the dm-crypt mailing list