I have not done an in-dept investigation on what openssl uses, but some people claim that it probably uses /dev/random as source. So basically the same if these claims are correct. And yes, those DD floppies are a bit outdated now ;-) Regards, Arno On Wed, Jan 06, 2021 at 12:17:30 CET, Felix Rubio wrote: > Follow up question: right now I am generating the 4 kB keyfile using openssl > rand 4096. Should the quality of the key, then, be the same if doing dd > if=/dev/random bs=64 count=1? > > Thank you! > Felix > > On 2021-01-06 12:08, Felix Rubio wrote: > > Thank you for your answer Arno... and for confirming that I should > > finally get rid of those double density floppy disks and reader :-P > > > > Regards! > > Felix > > > > On 2021-01-06 11:47, Arno Wagner wrote: > > > Hi Felix, > > > > > > I assume we are talking LUKS here, plain mode is different. > > > > > > The longer length is both convenience and helps if you > > > use low-entropy input. The keyfile does not actually > > > hold a key (LUKS mode), but a passphrase. Passphrases > > > get hashed, and once you have maximum entropy, you > > > cannot get more. I would need to look up what length > > > is actually used, but it does not depend on the lenght > > > of the encryption key. That one is stored in the anti-forensic > > > stripes, protected with the hash from that passphrase. > > > > > > So, to make this short, if you use LUKS with a keyfile, > > > putting in more entropy than used is meaningless. > > > If your random data is from /dev/random or (properly > > > initialized) /dev/urandom, 64 bytes are more than enough. > > > > > > Also, the differences between an 8kB passphrase and a > > > 64B one in execution time should not be noticeable at all. > > > Unless you read it from floppy disk ;-) > > > > > > Regards, > > > Arno > > > > > > > > > On Wed, Jan 06, 2021 at 10:17:22 CET, Felix Rubio wrote: > > > > Hi everybody, > > > > > > > > I have seen that keyfiles can be used in cryptsetup up to 8 kB, but > > > > internally the master key is 512 bits at max. Is there any > > > > recommendation > > > > / increased security by using a random sequence of 8 kB w.r.t., > > > > let's say, > > > > one of just 64 bytes? > > > > > > > > I understand that using one of 8kB will require more time than > > > > one of 64 B > > > > when unlocking the volume, but... is the former really that > > > > much more > > > > secure than the latter? > > > > > > > > Regards! > > > > Felix > > > > _______________________________________________ > > > > dm-crypt mailing list > > > > dm-crypt@xxxxxxxx > > > > https://www.saout.de/mailman/listinfo/dm-crypt > > _______________________________________________ > > dm-crypt mailing list > > dm-crypt@xxxxxxxx > > https://www.saout.de/mailman/listinfo/dm-crypt > _______________________________________________ > dm-crypt mailing list > dm-crypt@xxxxxxxx > https://www.saout.de/mailman/listinfo/dm-crypt -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- A good decision is based on knowledge and not on numbers. -- Plato If it's in the news, don't worry about it. The very definition of "news" is "something that hardly ever happens." -- Bruce Schneier _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx https://www.saout.de/mailman/listinfo/dm-crypt
