On Wed, Nov 18, 2009 at 02:26:10PM +0100, Milan Broz wrote:
> On 11/18/2009 12:20 PM, Milan Broz wrote:
> > For default LUKS header hash:
> >
> > - default is SHA1
> >
> > switching to another (probably SHA-256?) means complete incompatibility
> > with all cryptsetup <1.1.x, this needs some time when all most distros
> > use new cryptsetup.
> > No need to hurry, there is no problem with SHA1 in this application
> > of hash function.
>
> Also I think we can increase MK digest iterations
> (default is now 10, increasing it to 1000 should not cause any performance
> problems. Just make the possible attack to MK digest more complicated
> if some hash is completely broken in future.)
>
> Does this make sense or it is not needed?

If I understand this correctly, this is the "iteration-count"
parameter to PBKDF2. If so, then RFC 2898 recommends a minimum
count of 1000 anyways. This is however not protection against
a broken hash, as even a very weak hash should be extremely
hard to break when iterated 10 times. The main purpose of
this parameter is to make exhaustive search more expensive.

I think this should definitely go up to 1000.

Arno
--
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@xxxxxxxxxxx
GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it. The very definition of
"news" is "something that hardly ever happens." -- Bruce Schneier
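
Added example, not part of the original message and not cryptsetup's code: PBKDF2 with HMAC-SHA1 written out as in RFC 2898 so the role of the iteration count is visible, counting the HMAC calls one candidate costs at 10 and at 1000 iterations. The function names, the random 32-byte key and salt, and the 20-byte digest length are assumptions made for the illustration.

```python
import hashlib
import hmac
import os


def pbkdf2_hmac_sha1(password, salt, iterations, dklen=20):
    """PBKDF2 (RFC 2898, section 5.2) with HMAC-SHA1, loop written out.

    Returns (derived_key, number_of_HMAC_calls).
    """
    if iterations < 1:
        raise ValueError("iteration count must be >= 1")
    hlen = hashlib.sha1().digest_size  # 20 bytes
    blocks = -(-dklen // hlen)         # ceil(dklen / hlen)
    out, calls = b"", 0
    for i in range(1, blocks + 1):
        # U_1 = PRF(P, S || INT(i)); U_j = PRF(P, U_{j-1}); T_i = U_1 ^ ... ^ U_c
        u = hmac.new(password, salt + i.to_bytes(4, "big"), hashlib.sha1).digest()
        calls += 1
        t = int.from_bytes(u, "big")
        for _ in range(iterations - 1):
            u = hmac.new(password, u, hashlib.sha1).digest()
            calls += 1
            t ^= int.from_bytes(u, "big")
        out += t.to_bytes(hlen, "big")
    return out[:dklen], calls


def cost_ratio(low=10, high=1000):
    """HMAC calls needed per candidate at `high` relative to `low` iterations."""
    key = os.urandom(32)   # constructed stand-in for a master key
    salt = os.urandom(32)  # constructed stand-in for the digest salt
    d_low, n_low = pbkdf2_hmac_sha1(key, salt, low)
    d_high, n_high = pbkdf2_hmac_sha1(key, salt, high)
    # Cross-check the hand-written loop against the standard library.
    assert d_low == hashlib.pbkdf2_hmac("sha1", key, salt, low, 20)
    assert d_high == hashlib.pbkdf2_hmac("sha1", key, salt, high, 20)
    return n_high / n_low


if __name__ == "__main__":
    print("work per guess, 1000 vs 10 iterations: %.0fx" % cost_ratio())
```

The cost of checking one candidate grows linearly with the count, which is the sense in which the parameter makes exhaustive search more expensive.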