Re: Announce loop-AES-v1.4e file/swap crypto package

"peter k." wrote:
> > - Password seeds can be used to slow down dictionary attacks. "-S XXX"
> >   option added to losetup, and "-o pseed=XXX" option added to mount.
> 
> could you explain to us how this is used by AES and also put that into the
> readme when you release the next version of loop-aes? how much does a
> password seed increase security?

The password seed is appended to the user-supplied password before the
password is hashed with the SHA-256 one-way hash. For example, if the seed is:

    IrzWg/8z211G4PI4l/pA

And user supplied (bad and guessable) password is:

    quick brown fox jumped over lazy dog

The resulting string that would be hashed is:

    quick brown fox jumped over lazy dogIrzWg/8z211G4PI4l/pA

That's bad news for an attacker, because he would have to start recomputing
the hashes of the 500 billion known strings he has in his dictionary _after_
he has access to your password seed. And, if another partition has a
different seed, guess what... recompute again.

> and, would it be a good idea to use for example 128 bytes of urandom data
> (and i wouldn't save it to disk of course) as the seed when encrypting swap?

A seed is only useful to slow down dictionary attacks. It does not increase
security if a password is already random and unguessable.

Regards,
Jari Ruusu <jari.ruusu@xxxxxxxxxx>
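The following is an added illustration of the point made above, not code from the post or from loop-AES itself. It assumes the derivation is a single SHA-256 over password||seed exactly as described (the real loop-AES key setup may differ in detail), and it uses the seed and weak passphrase from the post plus a constructed four-entry dictionary in place of the attacker's "500 billion known strings".

```python
import hashlib

# Values taken from the post: the seed and the weak, guessable passphrase.
SEED = "IrzWg/8z211G4PI4l/pA"
WEAK_PASSWORD = "quick brown fox jumped over lazy dog"

def seeded_key(password: str, seed: str = "") -> bytes:
    """SHA-256 over password || seed, as the post describes.
    Assumption: one plain SHA-256 call; loop-AES's real key setup may differ."""
    return hashlib.sha256((password + seed).encode()).digest()

def precompute_dictionary(candidates, seed: str = "") -> dict:
    """Attacker-side table hash -> candidate, valid for exactly one seed.
    Building it is the per-seed 'recompute' work the post refers to."""
    return {seeded_key(c, seed): c for c in candidates}

def lookup(table: dict, key: bytes):
    """Return the dictionary word behind a key hash, or None if not present."""
    return table.get(key)

# Constructed stand-in for a large dictionary of known passwords.
DICTIONARY = [
    "password", "letmein", WEAK_PASSWORD, "correct horse battery staple",
]

def demo():
    # Table built with no seed: the situation before seeds were introduced.
    unseeded_table = precompute_dictionary(DICTIONARY)
    # Without a seed the weak passphrase is found by a single table lookup.
    hit_unseeded = lookup(unseeded_table, seeded_key(WEAK_PASSWORD))
    # Once the volume uses a seed, the precomputed table finds nothing...
    miss_seeded = lookup(unseeded_table, seeded_key(WEAK_PASSWORD, SEED))
    # ...until the attacker rebuilds the whole table for that specific seed.
    seeded_table = precompute_dictionary(DICTIONARY, SEED)
    hit_seeded = lookup(seeded_table, seeded_key(WEAK_PASSWORD, SEED))
    # A second partition with a different seed invalidates that table too.
    other_seed = "constructed-seed-for-another-partition"
    miss_other = lookup(seeded_table, seeded_key(WEAK_PASSWORD, other_seed))
    return hit_unseeded, miss_seeded, hit_seeded, miss_other

if __name__ == "__main__":
    print(demo())
```

Note that the seed only defeats the precomputed table; the same weak passphrase still falls to a fresh per-seed dictionary run, which is why the reply says a seed adds nothing for a password that is already random.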


Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

