|
Hi, I'm using cryptsetup for a while now, and I don't really understand how passwords are stored/processed. let's take and example ~# cryptsetup luksDump /dev/loop0 Version: 1 Cipher name: aes Cipher mode: cbc-essiv:sha256 Hash spec: sha1 Payload offset: 1032 MK bits: 128 MK digest: aa bb cc dd ee ff 00 11 22 33 44 55 66 77 88 99 aa bb cc dd MK salt: 00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff 00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff MK iterations: 10 UUID: xxxxxx-xxxxx-xxxx-xxxxx-xxxxx Key Slot 0: ENABLED Iterations: 223456 Salt: aa bb cc dd ee ff 00 aa bb cc dd ee ff 00 aa bb aa bb cc dd ee ff 00 aa bb cc dd ee ff 00 aa bb Key material offset: 8 AF stripes: 4000 Is that correct : H1 = PBKDF2(user_supplied_password, random_seed , key_slot_0_iterations) So in this example, and according to the man pages, a random seed is generated and hashed using the PBKDF2-SHA1 method. Iteration count is here 223456 and the salt is given by the phdr. But how long is the resulting hash ? Is this 128 bits (the MK bits field) ? Then, this hash (called here H1) is also hashed using the same method but with a different salt (MK salt) and 10 iterations (MK iterations) as follow : H2 = PBKDF2(H1, MK_salt , 10). After that, if all goes well (the user supplied the correct password), the resulting hash (H2 here) must be equal to MK digest ? (and the container/partition is linked to /dev/mapper) Am I right ? I'm also wondering, if this is right, in which manner aes/cbc-essiv:sha256 are used ? I'm a little bit confused, a nice diagram/explanation may help :-) Thanks Papi. Discute avec tes amis partout, grâce à Messenger sur ton mobile. Cliquez ici ! |
_______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
