On 02.03.2014, Arno Wagner wrote: > > It's not always the facts which leads to action, but the peoples > > assumptions and beliefs. After all, there's a general disbelief in all > > things the NSA put their fingers on. That said, it is not hard for me > > to understand what people moves to use whirlpool over SHAx.. > The advice is not to change crypto parameters unless you > really know what you are doing. Most people do not and make > matters worse. It's perfectly clear to me (and I'm neither using whirlpool nor a libgcrypt < 1.6.1). What I wanted to point out is that it seems to me that people have lost their confidence in anything the NSA touched. Thus, they seem to choose what they believe is most suitable, and not what is based on facts. > The only thing we can try to do heres is to > explain, as, e.g., FAQ Item 5.20 "LUKS is broken! It uses SHA-1!" > tries to do. I guess this is not sufficient, unless this is supplemented with a clear statement on why they should trust something produced by the NSA. That the recent attacks on SHA-1 are not relevant for LUKS/dmcrypt is not the point, people understand that. SHA-x is produced by the NSA, that's the problem. It's a matter of belief, not facts. The whole Snowden case and all the articles, reports and other media accompanying it shaped an overall statement: "You can't trust the NSA". I guess the problem lies right here. And that is why people choose e.g. whirlpool over the defaults. There are many well-known theories and models which try to explain and/or predict such behaviour, see e.g. http://people.umass.edu/aizen/tpb.diag.html (I for myself am quite comfortable with the defaults, because the only purpose of encryption for me is to protect my data on my laptop in case it gets stolen, and the defaults run fast on that machine. I do not worry if the NSA has put a backdoor in SHA-1, because it would hardly ever happen that the thief who stole my machine has that insider knowledge to use it. So I consider my data to be safe in case my machine gets stolen, and that's all I want.) _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
