.. ink ..: > On Thu, Jan 9, 2014 at 1:51 AM, Arno Wagner <arno@xxxxxxxxxxx> wrote: > >> Hi Konrad, >> >> On Wed, Jan 08, 2014 at 23:35:42 CET, Konrad wrote: >>> I am new to disk encryption and I have been reading on it for the >>> last days, but I am still confused on some points. I would >>> appreciate if someone knowledgeable could clue me in. >> >> If you have not found it yet, the FAQ is at >> http://code.google.com/p/cryptsetup/wiki/FrequentlyAskedQuestions >> >>> 1. Is SHA1 just as secure for this purpose as SHA512? After reading >>> cryptsetup docs I have a feeling that yes, but I get conflicting >>> opinions from various people, so I thought it's best ask at the >>> source. >> >> It is. These "various people" likely do not understand what the >> attacks on SHA1 actually are but merely heard that it was "insecure". >> See also FAQ Item 5.20 >> >> > We live in the world of twitter where you automatically loose when you need > to explain yourself. you might - not everybody else does > > More and more of this type of question will start to show up and this > inquiry just showed an explanation in the FAQ is not enought to offer > assurance and giving an answer each and every time here will get boring > pretty soon and rudeness will ensue. wouldn't need to if one slows down, takes a cup of coffee and read elsewhere on the big old internet patience is a virtue; you won't be secure if you're in a hurry > > Whats the worse that could happen if the default is switched to SHA2?If it > makes no practical difference,then switching seem to be a better > alternative just to silence these kind of questions as their existence puts > doubt in cryptsetup's security robustness. you don't have to use defaults - you're free to do what you like but show us that defaults are not safe; please do > > > > _______________________________________________ > dm-crypt mailing list > dm-crypt@xxxxxxxx > http://www.saout.de/mailman/listinfo/dm-crypt > _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
