Hi, I was looking at the ecryptfs source code, and saw that the actual encryption key inserted into the kernel keyring is the *original* wrapped passphrase, SHA512'ed 65536 times. Why is a user-given passphrase encrypted as key, and not data from /dev/random? I unwrapped the passphrase on my Linux Mint system and saw it is actually a random string, so the Ubuntu/Mint installer took care of it for me. But why is that responsibility given to the user / outside world? One of the problems is that I can't change it. Had I made a ecryptfs archive myself and wrapped 'hello' as passphrase, that weak key will be used and cannot be changed by rewrapping. Would it be possible/feasible to do something like: * generate random encryption key A for insertion into kernel keyring. * derive encryption key B from password with 'generate_passphrase_sig(...)' to encrypt key A. * In v2 wrapped passphrase file, Octets 26-N1, store encrypted A, instead of encrypted passphrase. Depending on how it's implemented, it could even be done completely backwards compatible (by ignoring the to-wrap passphrase). Regards, Wiebe -- To unsubscribe from this list: send the line "unsubscribe ecryptfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
