[dm-crypt] New Luks Format Specification (1.3)

Milan Broz mbroz at redhat.com
Wed Feb 1 10:23:40 CET 2012

On 02/01/2012 08:59 AM, Philipp Deppenwiese wrote:
> Up to now we still use SHA-1 as default algorithm for PBKDF2
> in luks.

Firstly, thank you for sending to the list where it can be
properly discussed.

For others, I guess this originates in

As you know, SHA1 is not hardcoded anymore, you can use whatever
has algorithm you want and is supported in crypto library.

Arno and others will surely comment here issue of PBKDF2 use.

> The next problem is the excessive use of parallel
> bruteforcing systems like ASIC, FPGA or GPUGPU technology. A new key
> derivation function is needed in order to raise the complexity of
> bruteforce attacks against the luks key derivation function.

This is just your statement, please provide facts supporting it.

> If someone sends me the *.tex file of the luks specification, i will
> update and post it for review.

tex file is in svn. But changing LUKS header definitely doesn't work
this random way.

Please discuss your ideas, provide theoretical background, send a patch
and if there is real problem to solve, I am sure it will become
part of code.


More information about the dm-crypt mailing list