[dm-crypt] plain: opening with a wrong password
michael at skrilnetz.net
Fri Feb 6 15:19:22 CET 2015
If you are concerned about the header, you could use LUKS with a
detached header. This way you have the advantages of LUKS and you can
store the header separately from the encrypted container.
Quoting dennis at basis.uklinux.net:
> On Fri, Feb 06, 2015 at 12:51:35AM +0100, Arno Wagner wrote:
>> If your passphrase is weak enough that a dictionary
>> attack has a reasonable success of working (and a dictionary
>> attack is the only thing the salt that hashalot adds helps
>> against), then you are pretty deep in insecure territory and
>> _need_ the hash iteration that LUKS provides, but which is
>> missing from both plain and hashalot.
>> Please do not spread unsubstantiated rumors. It is hard enough
>> these days for non-experts to decide what crypto to trust
>> and what not. Rumors of the kind "metadata headers offer
>> attack vectors" make this even worse.
> Count me among the non-experts. I have two questions. (a) Wouldn't
> metadata headers incur a loss of plausible deniability compared to
> plain mode, especially when an encrypted filesystem image is stored as
> a single file on backup media or in the backing file for a loopback
> device? (b) Assuming a secure passphrase, wouldn't plain mode be more
> secure than LUKS against possible vulnerabilities in the hashing
> algorithm that may be discovered in the future?
> dm-crypt mailing list
> dm-crypt at saout.de
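
Added example, not part of the original thread: the structural difference behind question (a) and the detached-header suggestion, shown as a check for the LUKS magic bytes (`LUKS\xba\xbe` followed by a big-endian version field) at the start of an image. The sample images and the names `luks_version`, `classify` and `build_samples` are constructed for illustration.

```python
import random
import struct

LUKS_MAGIC = b"LUKS\xba\xbe"  # first 6 bytes of a LUKS1 or LUKS2 header
MAGIC_LEN = len(LUKS_MAGIC)


def luks_version(image: bytes):
    """Return 1 or 2 if `image` starts with a LUKS header, else None."""
    if len(image) < MAGIC_LEN + 2 or image[:MAGIC_LEN] != LUKS_MAGIC:
        return None
    # The 16-bit version field follows the magic, stored big-endian.
    (version,) = struct.unpack(">H", image[MAGIC_LEN:MAGIC_LEN + 2])
    return version if version in (1, 2) else None


def classify(image: bytes) -> str:
    """Human-readable verdict for one image."""
    version = luks_version(image)
    if version is not None:
        return f"LUKS{version} header present"
    return "no LUKS header at offset 0"


def build_samples():
    """Constructed sample images; no real volume is read."""
    rng = random.Random(0)  # seeded so the samples are reproducible
    payload = bytes(rng.getrandbits(8) for _ in range(4096))  # stand-in for ciphertext
    header = LUKS_MAGIC + struct.pack(">H", 2) + bytes(4088)  # simplified 4096-byte header
    return {
        "luks_attached.img": header + payload,  # header and data in one file
        "data_only.img": payload,  # plain mode, or LUKS data with a detached header
        "header.img": header,  # the detached header, stored elsewhere
    }


if __name__ == "__main__":
    for name, image in build_samples().items():
        print(f"{name:18} {classify(image)}")
```

The check covers only the magic at offset 0, so it shows that a data-only image carries no LUKS marker, not that the image is indistinguishable in every other respect.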