On Wed, Mar 12, 2008 at 03:45:39PM +0100, Jonas Meurer wrote: > Hey Dennis, > > Would you mind closing bug #387159 -compulsory hashing in luks format > in the debian bugtracking system now that you don't insist on that > feature any longer? > > greetings, > jonas > Hi Jonas, Although I was mistaken about passphrases being truncated, I still don't feel comfortable about hashing a hex key for the other reason I mentioned. The problem is that hashes of keys in hex format might be statistically biased, giving an attacker an advantage. I don't know whether they are, but since I have nothing to gain in security, why should I risk it (or have that choice made for me)? Currently the --hash=plain option is ignored with luks actions (according to the manual page). It's easy enough to fix and would harm no one, so I see no reason it shouldn't be. Dennis --------------------------------------------------------------------- dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/ To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx For additional commands, e-mail: dm-crypt-help@xxxxxxxx
