Maybe I got a misconception here. But if I remember correctly: In case of auth, a collision might get you authed, in LUKS a collision gets you past the candidate check, but a mere collision without hitting the correct key, results in gibberish during decryption.

If I am wrong, please correct me here... I was not really discussing the "exact" procedure of hashing in cryptsetup here, but maybe I slipped on something?

Regards

-Sven

P.S.: It's been a while since I read the source of cryptsetup ;-).

On Sun, August 23, 2015 21:38, Arno Wagner wrote:
> On Sun, Aug 23, 2015 at 20:51:42 CEST, Sven Eschenberg wrote:
>> On Sat, August 22, 2015 05:38, Heinz wrote:
>> > Arno Wagner <arno@...> writes:
>> >
>> >> No, that is not the statement. The statement is that collision attacks
>> >> (the SHA1-weakness) are irrelevant for password hashing.
>> >
>> > Or in other words, SHA1 is secure in this case. But why not always use the
>> > best possible hash algorithm, instead of an option which is at least safe?
>> > I would logically use always the strongest one, purely as a precaution, and
>> > not what has already demonstrated weaknesses of any kind. I would not want
>> > to wait if SHA1 really holds a long time. :)
>>
>> Sorry to intervene here. Hashing in LUKS is only used to check if a
>> password/passphrase is a candidate. So, even if you manage to find a
>> collision, the worst that can happen is, that LUKS accepts the
>> 'collision' as valid key and you'll get gibberish on the mapping. Your
>> encrypted data will be useless 'random' data and is not compromised
>> then.
>
> I seem to remember that PBKDF2 gets the hash discussed (SHA1) as input
> and also that the AF splitter uses it. Still not an issue.
>
> Arno
> --
> Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx
> GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718
> ----
> A good decision is based on knowledge and not on numbers. -- Plato
>
> If it's in the news, don't worry about it. The very definition of
> "news" is "something that hardly ever happens." -- Bruce Schneier
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@xxxxxxxx
> http://www.saout.de/mailman/listinfo/dm-crypt
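
Added example, not part of the thread and not cryptsetup code: a simplified Python model of the candidate check discussed above. The master-key digest is computed with PBKDF2-HMAC-SHA1 as in a LUKS1 header, but truncated to one byte so that a second matching candidate can be found quickly; key-slot decryption and the AF splitter are left out, and `toy_cipher`, the keys, salt and plaintext are constructed stand-ins.

```python
import hashlib
import hmac

ITERATIONS = 1000  # constructed value; a real header stores its own count
DIGEST_LEN = 1     # truncated ONLY so a digest match is findable; LUKS1 stores 20 bytes

def mk_digest(master_key: bytes, salt: bytes) -> bytes:
    """Header check value: PBKDF2-HMAC-SHA1 over the candidate master key."""
    return hashlib.pbkdf2_hmac("sha1", master_key, salt, ITERATIONS, DIGEST_LEN)

def candidate_accepted(candidate: bytes, salt: bytes, stored: bytes) -> bool:
    """The candidate check: recompute the digest and compare with the stored one."""
    return hmac.compare_digest(mk_digest(candidate, salt), stored)

def toy_cipher(key: bytes, data: bytes) -> bytes:
    """XOR with a SHA-256 counter keystream; stand-in for the real disk cipher."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

def find_digest_match(real_key: bytes, salt: bytes, stored: bytes) -> bytes:
    """Search for a different key whose truncated digest equals the stored one."""
    counter = 0
    while True:
        cand = hashlib.sha256(b"candidate" + counter.to_bytes(8, "big")).digest()
        if cand != real_key and candidate_accepted(cand, salt, stored):
            return cand
        counter += 1

def demo() -> dict:
    real_key = hashlib.sha256(b"constructed master key").digest()
    salt = hashlib.sha256(b"constructed salt").digest()
    stored = mk_digest(real_key, salt)
    plaintext = b"constructed sector contents, 32+ bytes long for the demo"
    ciphertext = toy_cipher(real_key, plaintext)
    other = find_digest_match(real_key, salt, stored)
    return {
        "other_accepted": candidate_accepted(other, salt, stored),
        "real_recovers": toy_cipher(real_key, ciphertext) == plaintext,
        "other_recovers": toy_cipher(other, ciphertext) == plaintext,
    }

if __name__ == "__main__":
    print(demo())
```

In this model the second candidate passes the digest comparison, yet only the real key turns the ciphertext back into the plaintext, because the data is processed with the key itself and not with its digest.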