On Sun, Feb 08, 2015 at 09:19:54 CET, Heinz Diehl wrote: > On 08.02.2015, Matthias Schniedermeyer wrote: > > > > You need something to compare the passphrase to, and that's the hash. > > > How would you check the validity of the entered passphrase otherwise? > > > A plain text comparison is obviously impossible. > > > With Plain the password can't be verified, the dm-crypt device is setup > > and if the password was wrong, the "decrypted" device contains garbage. > > Containers usually have a means to test if the password is correct, > > plain does not. > > I tried to keep it simple in my example. Although you're (of course) right, I > didn't write about "plain encryption" or "plain dmcrypt", but plain text > comparison, in order to explain why there is the need for e.g. a hash. > As you point out, with plain dmcrypt the only possibility is actually > using the password and checking if the "decrypted" data based on it > makes any sense. Form a purely practical perspective, the difference usually negligible. Wile plain dm-crypt mounting fails at the mount-stage due to wrong filesystem signatures, LUKS mounting fails at the decrypt stage. >From an attacker's perspecive, the difference is also small, except that all the iteration in LUKS adds a massive amount of computational effort. The data in the LUKS header does not help the attacker at all. It does take a look at the details (as so often in crypto protocols) to see that though. Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- A good decision is based on knowledge and not on numbers. -- Plato If it's in the news, don't worry about it. The very definition of "news" is "something that hardly ever happens." -- Bruce Schneier _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt