[dm-crypt] SHAx and LUKS/cryptsetup

Arno Wagner arno at wagner.name
Sun Mar 9 21:15:40 CET 2014


On Sun, Mar 09, 2014 at 20:53:02 CET, Milan Broz wrote:
> On 9.3.2014 19:32, Heinz Diehl wrote:
> >On 09.03.2014, Milan Broz wrote:
> >
> >>If you are using kernel backend (not gcrypt one)
> >
> >I do :-)
> >
> >>sha1 is used as test that interface works.
> >
> >Ok, all good! So this is it. Thanks a lot!
> 
> Just to clarify it a little bit:
> 
> Kernel userspace crypto API was (and still is) quite undocumented, 

This is one thing I really do not understand. Doing crypto
right is already hard. With bad documentation it gets worse.
Yet the documentation for the kernel, OpenSSL, the commercial
libraries I have looked at, the Java API, etc. is bad (for Java
so bad that recently 30'000 apps on Android were insecure).

I really do not get it. Systematic sabotage of the documentation
seems unlikely, even after Snowden, so I can only conclude
many people implementing crypto have a problem writing 
documentation.

> and testing SHA1 (which is mandatory
> for LUKS backend support) was the simplest way to
> verify that the kernel backend works reliably.
> (In some kernel versions it was impossible to check if just algorithm
> is missing or the whole kernel socket interface is not available.)
> 
> It actually does not compute any sha1 hash, it just tries
> to initialize it.
> 
> BTW I found some problems with kernel backend so use with care.

Bad documentation and unreliable. Urgh.
 
> One problem is e.g. that the backend cannot use an HMAC
> key longer than 20480 bytes (at least on my 32bit VM),
> which can cause problems for larger keyfiles in PBKDF2.
> 
> I have a workaround for this but will need some time to finish
> it (I do not want to touch the internal PBKDF2 without adding test
> vectors and other tests.)

Very sensible. I completely support this approach.

Arno

> 
> Milan

-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno at wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -  Plato
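The HMAC key-length limit discussed above matters because LUKS1 feeds the whole keyfile to PBKDF2-HMAC-SHA1 as the HMAC key. The following is an added illustration, not cryptsetup's code and not necessarily Milan's workaround: it writes out PBKDF2 with HMAC-SHA1 in full and shows that, per RFC 2104, an HMAC key longer than the 64-byte SHA1 block is replaced by its SHA1 digest internally, so a keyfile pre-hashed to 20 bytes in userspace yields the identical derived key while staying far below any backend key limit. The 30000-byte keyfile and the salt are constructed sample inputs.

```python
import hashlib
import hmac
import struct

SHA1_BLOCK_SIZE = 64  # HMAC-SHA1 processes the key in 64-byte blocks (RFC 2104)


def pbkdf2_hmac_sha1(password: bytes, salt: bytes, iterations: int, dklen: int) -> bytes:
    """PBKDF2 (RFC 2898) with HMAC-SHA1 as the PRF, written out step by step."""
    def prf(data: bytes) -> bytes:
        return hmac.new(password, data, hashlib.sha1).digest()

    out = b""
    block = 1
    while len(out) < dklen:
        # U_1 = PRF(P, S || INT(i)); T_i = U_1 xor U_2 xor ... xor U_c
        u = prf(salt + struct.pack(">I", block))
        t = bytearray(u)
        for _ in range(iterations - 1):
            u = prf(u)
            t = bytearray(a ^ b for a, b in zip(t, u))
        out += bytes(t)
        block += 1
    return out[:dklen]


def shrink_hmac_key(key: bytes, block_size: int = SHA1_BLOCK_SIZE) -> bytes:
    """RFC 2104 step 1: a key longer than the hash block size is hashed first.
    Doing that in userspace gives a 20-byte key that any backend can accept."""
    return hashlib.sha1(key).digest() if len(key) > block_size else key


def same_derived_key(keyfile: bytes, salt: bytes, iterations: int, dklen: int) -> bool:
    """True when the pre-hashed keyfile derives exactly the same key as the raw one."""
    direct = pbkdf2_hmac_sha1(keyfile, salt, iterations, dklen)
    shrunk = pbkdf2_hmac_sha1(shrink_hmac_key(keyfile), salt, iterations, dklen)
    return direct == shrunk


if __name__ == "__main__":
    keyfile = b"\x5a" * 30000  # constructed keyfile, well above a 20480-byte limit
    print(same_derived_key(keyfile, b"constructed-salt", 1000, 32))
```

Note that a keyfile of exactly 64 bytes or less is used as-is by HMAC, so `shrink_hmac_key` must leave such keys untouched or the derived key would change.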

