Karel Zak wrote: > On Wed, Aug 29, 2007 at 01:23:42PM -0600, LaMont Jones wrote: > > > Subject: [PATCH] losetup: support password hashing and specifying the key length > > > > * add support for password hashing (sha512, sha384, sha256, rmd160). > > * add support for loop-AES style strings like "twofish256" for > > specifying the encryption algorithm and key length. > > I'd like to fix losetup, because it works incorrectly with encryption > key size. It's really old problem. It makes sense use everything from > Ludwig's patch **except** hash functions. It means your non-upstream > stuff will be smaller (hash functions only) and upstream version will > be fixed :-) Well, I'm not a crypto expert but IMHO it doesn't make much sense to use encryption without hashing the passphrase. The password space is too small so a simple password or passphrase is unsuitable for use with disc encryption. You need the hash function to generate a pseudo random key that fully exploits the 16-32 byte key space. Nevertheless your patch certainly has the benefit of reducing the size of the patch that adds hash functions so what about omitting the docu about the -e and -k options? cu Ludwig -- (o_ Ludwig Nussel //\ V_/_ http://www.suse.de/ SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) - To unsubscribe from this list: send the line "unsubscribe util-linux-ng" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
