The MK salt is used to salt the passwords to the MK, AFAIK thats all it's used for. On Sat, May 24, 2008 at 5:45 PM, domiel <domiel42@xxxxxxxxxxxx> wrote: > Thanks roscoe, > > I had somewhat of an understanding of the way luks generates the master key, > although your description has filled in a number of blanks. > > The thing I'm still not understanding is why the master key needs salting + > iteration; for a password/phrase this makes perfect sense, but I was under the > impression that the master key is derived from /dev/random (or /dev/urandom ?) > and that salting and iterating it may actually reduce it's entropy therefore > making it _less_ impervious to attack. > > As you mention you are not a cryptographer (neither am I) can anyone here > comment on the merits of this approach with an input key that is already very > high in entropy? > > > > > > --------------------------------------------------------------------- > dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/ > To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx > For additional commands, e-mail: dm-crypt-help@xxxxxxxx > > --------------------------------------------------------------------- dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/ To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx For additional commands, e-mail: dm-crypt-help@xxxxxxxx
