[dm-crypt] Few questions from a new user

Arno Wagner arno at wagner.name
Fri Jan 10 17:36:24 CET 2014


On Fri, Jan 10, 2014 at 16:33:56 CET, .. ink .. wrote:
> > So changing the hash does not do anything, really as the
> > attacker can only try to brute-force the passphrase and
> > that takes the same effort for SHA-1 and for SHA-512.
> >
> >
> cryptsetup 1.6.0 changed default cipher mode from cbc to xts not because
> cbc had practical issues but because xts was becoming a
> standard[1].Sometimes it makes sense to be where everybody else is if being
> anywhere is just as good as being anywhere else.If it makes not practical
> difference btw SHA1 and SHA2,then moving away from SHA1 seem like a good
> idea with the reason being having one less thing to explain in the FAQ.
> 
> [1] http://comments.gmane.org/gmane.linux.kernel.device-mapper.dm-crypt/6409

CBC has issues that XTS avoids and some of them are pretty 
practical, for example the watermark attack. SHA1 has
no such issues as it is used in LUKS.

Sorry, but changing default algorithms to reduce questions 
by people is about the worst possible reason to do it. 

Also, I do not see the questions by people as such a bad 
thing. We can point them in the right direction and maybe
learn a thing or two about what concerns LUKS users have
and maybe some of them actually read parts of the FAQ.

Arno
-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno at wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
There are two ways of constructing a software design: One way is to make it
so simple that there are obviously no deficiencies, and the other way is to
make it so complicated that there are no obvious deficiencies. The first
method is far more difficult.  --Tony Hoare


More information about the dm-crypt mailing list