On Fri, Jan 10, 2014 at 16:33:56 CET, .. ink .. wrote: > > So changing the hash does not do anything, really as the > > attacker can only try to brute-force the passphrase and > > that takes the same effort for SHA-1 and for SHA-512. > > > > > cryptsetup 1.6.0 changed default cipher mode from cbc to xts not because > cbc had practical issues but because xts was becoming a > standard[1].Sometimes it makes sense to be where everybody else is if being > anywhere is just as good as being anywhere else.If it makes not practical > difference btw SHA1 and SHA2,then moving away from SHA1 seem like a good > idea with the reason being having one less thing to explain in the FAQ. > > [1] http://comments.gmane.org/gmane.linux.kernel.device-mapper.dm-crypt/6409 CBC has issues that XTS avoids and some of them are pretty practical, for example the watermark attack. SHA1 has no such issues as it is used in LUKS. Sorry, but changing default algorithms to reduce questions by people is about the worst possible reason to do it. Also, I do not see the questions by people as such a bad thing. We can point them in the right direction and maybe learn a thing or two about what concerns LUKS users have and maybe some of them actually read parts of the FAQ. Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- There are two ways of constructing a software design: One way is to make it so simple that there are obviously no deficiencies, and the other way is to make it so complicated that there are no obvious deficiencies. The first method is far more difficult. --Tony Hoare _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
