[dm-crypt] question regarding Sha1 and 512 bit key xts mode
sven at whgl.uni-frankfurt.de
Sun Aug 23 22:21:28 CEST 2015
Maybe I got a misconception here.
But if I remember correctly:
In case of auth, a collision might get you authed, in LUKS a collision
gets you past the candidate check, but a mere collision without hitting
the correct key, results in gibberish during decryption.
If I am wrong, please correct me here...
I was not really discussing the "exact" procedure of hashing in
cryptsetup here, but maybe I slipped on something?
P.S.: It's been a while since I read the source of cryptsetup ;-).
On Sun, August 23, 2015 21:38, Arno Wagner wrote:
> On Sun, Aug 23, 2015 at 20:51:42 CEST, Sven Eschenberg wrote:
>> On Sat, August 22, 2015 05:38, Heinz wrote:
>> > Arno Wagner <arno at ...> writes:
>> >> No, that is not the statement. The statement is that collision
>> >> (the SHA1-weakness) are irrelevant for password hashing.
>> > Or in other words, SHA1 is secure in this case. But why not always use
>> > best possible hash algorithm, instead of an option which is at least
>> > I would logically use always the strongest one, purely as a
>> > and
>> > not what has already demonstrated weaknesses of any kind. I would not
>> > to wait if SHA1 really holds a long time. :)
>> Sorry to intervene here. Hashing in LUKS is only used to check if a
>> password/passphrase is a candidate. So, even if you manage to find a
>> collision, the worst that can happen is, that LUKS accepts the
>> 'collision' as valid key and you'll get gibberish on the mapping. Your
>> encrypted data will be useless 'random' data and is not compromised
> I seem to remember that PBKDF2 gets the hash discussed (SHA1) as input
> and also that the AF splitter uses it. Still not an issue.
> Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno at wagner.name
> GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D
> A good decision is based on knowledge and not on numbers. -- Plato
> If it's in the news, don't worry about it. The very definition of
> "news" is "something that hardly ever happens." -- Bruce Schneier
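Added example (not code from the thread or from cryptsetup): a simplified model of the LUKS1 master-key digest check the thread is arguing about. The real key slot path (AF splitter, AES unwrap, XTS mapping) is replaced by a constructed XOR toy cipher, and the digest is truncated to one byte so that a second key passing the check can be found by brute force, standing in for a hypothetical SHA1 collision. All keys, salts and data are constructed values.

```python
import hashlib
import hmac

ITERATIONS = 1000      # constructed; real headers use a benchmarked count
MK_DIGEST_LEN = 20     # SHA1 output length, as stored in a LUKS1 header

def pbkdf2_sha1(secret: bytes, salt: bytes, length: int) -> bytes:
    return hashlib.pbkdf2_hmac("sha1", secret, salt, ITERATIONS, length)

def make_header(master_key: bytes, mk_salt: bytes, digest_len: int = MK_DIGEST_LEN) -> dict:
    """Only a PBKDF2-SHA1 digest of the master key is stored, never the key itself."""
    return {"mk_salt": mk_salt, "mk_digest": pbkdf2_sha1(master_key, mk_salt, digest_len)}

def candidate_check(header: dict, candidate_key: bytes) -> bool:
    """The check the thread discusses: is this key's digest equal to the stored one?"""
    digest = pbkdf2_sha1(candidate_key, header["mk_salt"], len(header["mk_digest"]))
    return hmac.compare_digest(digest, header["mk_digest"])

def toy_cipher(key: bytes, data: bytes) -> bytes:
    # Constructed stand-in for the XTS mapping (assumption: any per-key keystream
    # is enough to show that a wrong key yields gibberish). Symmetric XOR.
    stream = hashlib.sha256(key).digest()
    return bytes(b ^ stream[i % len(stream)] for i, b in enumerate(data))

def find_colliding_key(header: dict, tries: int = 1 << 16):
    # With a 1-byte digest a second key passing the check is found in ~256 tries.
    # For the real 20-byte digest this search is infeasible; this only models a collision.
    for i in range(tries):
        k = i.to_bytes(4, "big")   # 4-byte candidates, so never the 32-byte master key
        if candidate_check(header, k):
            return k
    return None

def demonstrate() -> dict:
    master_key = bytes(range(32))          # constructed, deterministic
    mk_salt = b"constructed-mk-salt"
    plaintext = b"secret volume contents"
    ciphertext = toy_cipher(master_key, plaintext)
    weak_header = make_header(master_key, mk_salt, digest_len=1)
    colliding = find_colliding_key(weak_header)
    assert colliding is not None and colliding != master_key
    return {
        "collision_passes_check": candidate_check(weak_header, colliding),
        "collision_decrypts_correctly": toy_cipher(colliding, ciphertext) == plaintext,
        "real_key_decrypts_correctly": toy_cipher(master_key, ciphertext) == plaintext,
    }

if __name__ == "__main__":
    print(demonstrate())
```

The colliding key is accepted by the candidate check but, as the thread says, the mapping it produces is gibberish; only the real master key recovers the data.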