Re: PBKDF2 support in the linux kernel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Am Donnerstag, 24. Mai 2018, 10:33:07 CEST schrieb Rafael J. Wysocki:

Hi Rafael,

> So the problem is that Yu would like to use this for hibernation encryption
> done entirely in the kernel.

But why do you need to perform PBKDF in kernel space?

If you retain the password information in the kernel, you could retain the 
derived key instead of the passcode.

If, however, you ask for the user password during resume, you need some user 
space component to query that password. The PBKDF can also be handled in user 
space along with the query.

Or how do you want to handle the passcode?
> 
> The exact use case is to generate a symmetric encryption key out of a
> passphrase.  Is there a recommended way to do that using the algorithms
> already implemented in the kernel?

For example, dmcrypt uses PBKDF2 for its operation. And this PBKDF is done in 
user space by libcryptsetup that utilizes a crypto lib, commonly libgcrypt.
> 
> Thanks,
> Rafael



Ciao
Stephan





[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux