On Fri, 22 Sep 2000, Alexander S A Kjeldaas wrote:
> On Fri, Sep 22, 2000 at 11:46:02AM +0200, Gisle Sælensminde wrote:
> >
> > Since des_ede3(3des) now is added to the international kernel, it will
> > probably be a good idea to add support for it in losetup, so here is
> > a patch to the kerneli version of util-linux-2.10m / kerneli 2.2.17.3
> >
> > Since this is crypto-related the patch is found at the URL:
> >
> > ftp://ftp.ii.uib.no/pub/gisle/kerneli/patch.util-linux.3des
> >
> >
> > DES_EDE3 needs bytes of key data, but ripemd160 used as hash the
> > passphrase only provides 20 bytes of key data. To get 24 bytes of key
> > data, the an uppercase 'A' is concatenated with the passphrase, and this
> > string is hashed to get another 20 bytes of key data. Similar methods is
> > used in SSL and SSH to get the session keys from the key exchange.
> >
>
> Just curious. Do you know whether this strengthens security at all? I
> would guess that the security can not be better than if we used
> RIPE-MD320 to hash the passphrase, and that hash is considered to have
> the same security as RIPE-MD160.
The scheme don't limit the entropy of the key to 160 bits if the
passpharse has more entropy than that, so the scheme should be suitable.
Keylength of 160 bit is anyway a large margin for this kind of use.
A drawback by changing hash is that people will no longer be able to mount
their encrypted disks with the new version of losetup. This version is a
pure extensions to be able to use algorithms with more than 160 bit
keysize. It will probably be a bad idea to break compatibility when no
significant security improvment can be archieved.
I'm almost certain that nobody have passphrases with more than 160 bits of
real entropy. I don't think that the overall security for the system will
increse, neither with this patch nor with a change to ripemd-320. Of that
reason I prefere compatibility unless ripemd-160 should be broken some
time in the future.
> > I also changed the code to allow all ciphers to use the same code for
> > key generation, but everything is kept compatible.
> >
>
> Looks sane. Merged it and updated the util-linux patch to 2.10o.
>
-- Gisle Sælensminde ( gisle@ii.uib.no )With sufficient thrust, pigs fly just fine. However, this is not necessarily a good idea. It is hard to be sure where they are going to land, and it could be dangerous sitting under them as they fly overhead. (from RFC 1925)
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sat Sep 23 2000 - 21:00:27 EST