On Thu, Jan 09, 2014 at 12:22:08 CET, .. ink .. wrote:
> On Thu, Jan 9, 2014 at 1:51 AM, Arno Wagner <arno@xxxxxxxxxxx> wrote:
[...]
> > It is. These "various people" likely do not understand what the
> > attacks on SHA1 actually are but merely heard that it was "insecure".
> > See also FAQ Item 5.20
> >
> >
> We live in the world of twitter where you automatically lose when you need
> to explain yourself.

Only apparently. You do not get security without understanding
what you are doing. The "twittiots" (just created that myself,
but I do not claim originality ;-) have already lost here and
nothing is going to save them. Insight and care cannot be
replaced by anything else.

> More and more of this type of question will start to show up and this
> inquiry just showed an explanation in the FAQ is not enough to offer
> assurance and giving an answer each and every time here will get boring
> pretty soon and rudeness will ensue.

The FAQ is not read by most people. I am aware of that.
Occasionally I get feedback from people that are really glad
to have found it though. The primary use of the FAQ is to
make an answer brief: "See FAQ Item 5.20". The secondary use
is "I told you so" when yet somebody again manages to destroy
their data because they have not bothered to find out how to
handle LUKS right. The tertiary use is for the few that are
aware that this is difficult and actually read the FAQ before
messing up.

> What's the worst that could happen if the default is switched to SHA2?

Complete breakdown. The LUKS header does not support a hash-spec
in this place at the moment, so it would need to be done via
some kind of dirty hack.

Also, SHA2 may not actually be much more secure than SHA1. It is
usually only recommended as an intermediate solution until SHA-3
becomes available. As the NSA seems to have messed with SHA-3,
that might take a while.

> If it makes no practical difference, then switching seems to be a better
> alternative just to silence these kind of questions as their existence
> puts doubt in cryptsetup's security robustness.

It does make a significant practical difference with regard to the
software engineering aspects.

Arno
--
Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx
GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718
----
There are two ways of constructing a software design: One way is to make it
so simple that there are obviously no deficiencies, and the other way is to
make it so complicated that there are no obvious deficiencies. The first
method is far more difficult. --Tony Hoare
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt