Thanks roscoe, I had somewhat of an understanding of the way luks generates the master key, although your description has filled in a number of blanks. The thing I'm still not understanding is why the master key needs salting + iteration; for a password/phrase this makes perfect sense, but I was under the impression that the master key is derived from /dev/random (or /dev/urandom ?) and that salting and iterating it may actually reduce it's entropy therefore making it _less_ impervious to attack. As you mention you are not a cryptographer (neither am I) can anyone here comment on the merits of this approach with an input key that is already very high in entropy? --------------------------------------------------------------------- dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/ To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx For additional commands, e-mail: dm-crypt-help@xxxxxxxx
