[dm-crypt] plain: opening with a wrong password

Michael michael at skrilnetz.net
Fri Feb 6 15:19:22 CET 2015


If you are concerned about the header, you could use LUKS with a
detached header. This way you have the advantages of LUKS and you can
store the header separate from the encrypted container.

Quoting dennis at basis.uklinux.net:

> On Fri, Feb 06, 2015 at 12:51:35AM +0100, Arno Wagner wrote:
>> If your passphrase is weak enough that a dictionary
>> attack has a reasonable success of working (and a dictionary
>> attack is the only thing the salt that hashalot adds helps
>> against), then you are pretty deep in insecure territory and
>> _need_ the hash iteration that LUKS provides, but which is
>> missing from both plain and hashalot.
>>
>> ...
>>
>> Please do not spread unsubstantiated rumors. It is hard enough
>> these days for non-experts to decide what crypto to trust
>> and what not. Rumors of the kind "metadata headers offer
>> attack vectors" make this even worse.
>
> Count me among the non-experts. I have two questions. (a) Wouldn't
> metadata headers incur a loss of plausible deniability compared to
> plain mode, especially when an encrypted filesystem image is stored as
> a single file on backup media or in the backing file for a loopback
> device? (b) Assuming a secure passphrase, wouldn't plain mode be more
> secure than LUKS against possible vulnerabilities in the hashing
> algorithm that may be discovered in the future?


-- 
Regards,
Michael

https://skrilnetz.net
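
Added illustration, not part of the message above and not cryptsetup's own code: what an attached LUKS1 header discloses without any passphrase, and why a data file whose header is detached (or a plain-mode container) carries no such marker. The field layout is the start of the LUKS1 on-disk header; the sample header values are constructed.

```python
import os
import struct

LUKS_MAGIC = b"LUKS\xba\xbe"
# Start of the LUKS1 on-disk header, big-endian: magic, version, cipher name,
# cipher mode, hash spec, payload offset (sectors), key bytes, master-key
# digest, digest salt, digest iteration count. Key slots follow (not parsed).
PHDR = struct.Struct(">6sH32s32s32sII20s32sI")


def _text(raw):
    """Decode a NUL-padded ASCII field."""
    return raw.split(b"\0", 1)[0].decode("ascii", "replace")


def inspect(blob):
    """Return what the first bytes of a file or device reveal without a passphrase."""
    if not blob.startswith(LUKS_MAGIC):
        return {"luks": False}  # plain mode and detached-header data look like this
    version = struct.unpack_from(">H", blob, 6)[0]
    info = {"luks": True, "version": version}
    if version == 1 and len(blob) >= PHDR.size:
        _, _, name, mode, hash_spec, offset, key_bytes, _, _, iters = PHDR.unpack_from(blob)
        info.update(cipher=_text(name) + "-" + _text(mode), hash=_text(hash_spec),
                    payload_offset_sectors=offset, key_bits=key_bytes * 8,
                    mk_digest_iterations=iters)
    return info


def sample_header():
    """Constructed LUKS1 header start with made-up values, not from a real volume."""
    return PHDR.pack(LUKS_MAGIC, 1, b"aes", b"xts-plain64", b"sha1",
                     4096, 32, os.urandom(20), os.urandom(32), 120000)


if __name__ == "__main__":
    ciphertext = os.urandom(4096)  # stands in for encrypted payload sectors
    print("attached header :", inspect(sample_header() + ciphertext))
    print("header file only:", inspect(sample_header()))
    print("data device only:", inspect(ciphertext))
```
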