Re: Altering hash for existing volume

SHA-1 is not vulnerable for this application. It may become
vulnerable one day, but currently it is just a bad idea for
user-generated certificates and the like, since the known
vulnerabilities require you to control both plain texts
and to know the hash (which you do when you have one
plain-text).

In LUKS/dm-crypt the attacker has no plaintext (the passphrase)
and in addition a successful attack on the hash does not 
really help, since the attacker does not have the 
hash value (the encryption key) either. A two-sided collision 
attack, as the current attacks on SHA-1 are, has no security
implications here.

However if you really want to rip it out, you have to create 
new keys, since sha-1 is used in PBKDF2 and you cannot really
reverse that. You do however not need to recreate the filesystem.
What you do is to make a raw image backup of the decrypted 
device (not mounted). Then you do your new encryption, and
restore that into the new decrypted device. Admittedly a
filesystem backup and recreation before restore is easier.
But since you have to hack the PBKDF2 code anyways, the backup
and restore is the easy part.

Arno



On Fri, Jul 17, 2009 at 07:13:04PM +0200, martin f krafft wrote:
> Hello, is it possible to alter the hash used for an existing volume?
> I'd like to know if I have to recreate the entire filesystem if
> I want to replace sha-1 with something stronger, or if I can change
> it on-the-fly.
> 
> Please cc me on replies,
> 
> -- 
> martin | http://madduck.net/ | http://two.sentenc.es/
>  
> "through women, the high points of life are enriched
>  and the low points multiplied."
>                                                  - friedrich nietzsche
>  
> spamtraps: madduck.bogus@xxxxxxxxxxx



-- 
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@xxxxxxxxxxx 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier 

---------------------------------------------------------------------
dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/
To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx
For additional commands, e-mail: dm-crypt-help@xxxxxxxx
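
Added example (not part of the original message and not cryptsetup's code): PBKDF2 written out in Python to show where the hash enters the key derivation the reply refers to, and that the same passphrase and salt give an unrelated key once the hash changes. The passphrase, salt, iteration count and key size are constructed sample values.

```python
import hashlib
import hmac

def pbkdf2(hash_name, passphrase, salt, iterations, dklen):
    """PBKDF2 (RFC 2898) with HMAC-<hash_name> as the PRF."""
    hlen = hashlib.new(hash_name).digest_size
    out = b""
    block = 1
    while len(out) < dklen:
        # The passphrase is the HMAC key; salt and block index are the message.
        u = hmac.new(passphrase, salt + block.to_bytes(4, "big"), hash_name).digest()
        t = int.from_bytes(u, "big")
        for _ in range(iterations - 1):
            # Each round feeds the previous output back through HMAC and XORs it in.
            u = hmac.new(passphrase, u, hash_name).digest()
            t ^= int.from_bytes(u, "big")
        out += t.to_bytes(hlen, "big")
        block += 1
    return out[:dklen]

# Constructed sample values, not taken from any real volume header.
PASSPHRASE = b"correct horse battery staple"
SALT = bytes(range(32))      # LUKS1 stores a 32-byte salt per key slot
ITERATIONS = 1000
KEY_BYTES = 32               # e.g. a 256-bit volume key

def slot_key(hash_name):
    """Key that would unlock a key slot if the header named this hash."""
    return pbkdf2(hash_name, PASSPHRASE, SALT, ITERATIONS, KEY_BYTES)

def matches_stdlib(hash_name):
    """Cross-check the hand-written loop against hashlib's PBKDF2."""
    ref = hashlib.pbkdf2_hmac(hash_name, PASSPHRASE, SALT, ITERATIONS, KEY_BYTES)
    return hmac.compare_digest(slot_key(hash_name), ref)

if __name__ == "__main__":
    for name in ("sha1", "sha256"):
        print(name, slot_key(name).hex(), "stdlib match:", matches_stdlib(name))
    # Same passphrase and salt, different hash: an unrelated key, so key
    # material wrapped under the SHA-1 key cannot be opened with the other.
    print("keys equal:", slot_key("sha1") == slot_key("sha256"))
```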


