[dm-crypt] zuluCrypt v3.0 released.

.. ink .. mhogomchungu at gmail.com
Thu Oct 6 03:27:26 CEST 2011


On Wed, Oct 5, 2011 at 2:18 PM, .. ink .. <mhogomchungu at gmail.com> wrote:

>
>> >
>> > It can now (from the GUI)
>> > 1. Create key files( 512 bytes in size composed of only the 94 printable
>> > characters).
>>
>> 512 bits rather than bytes ?
>>
>>
> i meant bytes, for 512 different characters. I just looked at the
> documentations and now i cant see why i went with this number since
> cryptsetup defaults to 256bits(32 bytes).
>
> Will change in the next version/update to create 32 bytes key files.
>
>
> just saw where i got the "512 bytes" from., running "cryptsetup --help"
gives a bunch of output and there is this output at the end.

Default compiled-in keyfile parameters:
        Maximum keyfile size: 8192kB, Maximum interactive passphrase length
512 (characters)

Default compiled-in device cipher parameters:
        loop-AES: aes, Key 256 bits
        plain: aes-cbc-essiv:sha256, Key: 256 bits, Password hashing:
ripemd160
        LUKS1: aes-cbc-essiv:sha256, Key: 256 bits, LUKS header hashing:
sha1, RNG: /dev/urandom

Thats where i got the key file length from. Since my program interfaces with
cryptsetup interactively, i though creating a key file with the maximum size
allowed will be more secured.

Whats the optimum key file size with the above output?
Whats the optimum key file size in general?
The above output seem to suggest 32 bytes files but whats the harm in using
512 bytes?(the maximum allowed)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.saout.de/pipermail/dm-crypt/attachments/20111005/828118ae/attachment-0001.html>


More information about the dm-crypt mailing list