[dm-crypt] dmcrypt concern

Martin, David K. have.a.good.dave at gmail.com
Wed Mar 11 20:16:09 CET 2015

I have a question about dmcrypt. If the MK digest is the output of SHA1,
wouldn't the master key be the weakest point the the setup? SHA1 one only
provide 80 bits of security and that can't be changed.

All an attacker have to do is seek a collision in SHA1 to get the master
key.. There would be absolutely no point in going after the password
especially if you use a 512 bit hash like SHA512 or WHIRLPOOL. Those two
provide 256 bits of security. The 80 bits of security for the master key is
the weak point in the setup.

Am I understanding that right?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.saout.de/pipermail/dm-crypt/attachments/20150311/c01e2af0/attachment.html>

More information about the dm-crypt mailing list