In the FAQ it is said that the use of SHA1 for the purpose used in LUKS is valid because it is not the cryptographic feature that is used but instead the time delay for retrieving the master key.

However, is this really the case? The output of SHA1 is a 160 bit string. A password is iterated using PBKDF2 (with SHA1). But can't I just use all the possible SHA1 values to decrypt the master key and validate it with the master key checksum? Does this not effectively reduce the possible passwords for an AES 256 bit volume to a password of 160 bit length?

Kind regards,
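How PBKDF2 with SHA1 yields a 256 bit key although each hash output is 160 bits, as an added example (not part of the original message and not cryptsetup's code): the derived key is several 160 bit blocks concatenated and truncated, and the passphrase itself is only replaced by a 160 bit digest when it is longer than HMAC's 64 byte block. The salt, iteration count and passphrases are constructed sample values.

```python
import hashlib
import hmac
import struct

HLEN = hashlib.sha1().digest_size  # 20 bytes = 160 bits

def pbkdf2_block(password: bytes, salt: bytes, iterations: int, index: int) -> bytes:
    """One PBKDF2 output block T_index (RFC 8018): XOR of the chained HMAC values."""
    u = hmac.new(password, salt + struct.pack(">I", index), hashlib.sha1).digest()
    t = int.from_bytes(u, "big")
    for _ in range(iterations - 1):
        u = hmac.new(password, u, hashlib.sha1).digest()
        t ^= int.from_bytes(u, "big")
    return t.to_bytes(HLEN, "big")

def pbkdf2_sha1(password: bytes, salt: bytes, iterations: int, dklen: int) -> bytes:
    """Concatenate as many 160 bit blocks as needed, then truncate to dklen."""
    nblocks = -(-dklen // HLEN)  # ceiling division
    blocks = (pbkdf2_block(password, salt, iterations, i) for i in range(1, nblocks + 1))
    return b"".join(blocks)[:dklen]

def effective_hmac_key(password: bytes) -> bytes:
    """HMAC-SHA1 replaces a key longer than its 64 byte block with SHA1(key)."""
    return hashlib.sha1(password).digest() if len(password) > 64 else password

# Constructed sample values, not taken from any real volume header.
SALT = bytes(range(32))
ITERATIONS = 1000
SHORT_PW = b"correct horse battery staple"
LONG_PW = b"x" * 100

def demo() -> dict:
    key = pbkdf2_sha1(SHORT_PW, SALT, ITERATIONS, 32)
    return {
        "key_bits": len(key) * 8,
        "matches_hashlib": key == hashlib.pbkdf2_hmac("sha1", SHORT_PW, SALT, ITERATIONS, 32),
        # The first 160 bits are exactly the dklen=20 output; the rest comes from block 2.
        "first_block_is_dklen20": key[:HLEN] == pbkdf2_sha1(SHORT_PW, SALT, ITERATIONS, HLEN),
        # A passphrase over 64 bytes derives the same key as its 160 bit SHA1 digest.
        "long_pw_equals_its_digest": pbkdf2_sha1(LONG_PW, SALT, ITERATIONS, 32)
        == pbkdf2_sha1(effective_hmac_key(LONG_PW), SALT, ITERATIONS, 32),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```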