[pkg-cryptsetup-devel] Bug#714331: cryptsetup: switch to "more secure" defaults?
Christoph Anton Mitterer
calestyo at scientia.net
Fri Jun 28 00:21:28 UTC 2013
Package: cryptsetup
Version: 2:1.4.3-4
Severity: wishlist
Hi.
Two places where I think one could switch to more secure defaults:
1) /dev/random vs. /dev/urandom
IIRC (please correct me if I'm wrong)... this was only used during
device generation (luksFormat), right?
Apart from devices created in batch mode (and whether this makes sense
from a security POV is questionable anyway)... it shouldn't hurt then
if /dev/random blocks, right?
And the entropy should be much better... especially as this was used
for the master key if I'm not wrong.
2) cipher/modes
I haven't followed the dm-crypt list that closely recently, but I remember
Milan was thinking about changing defaults to aes-xts-plain64, right?
Or has this happened in 1.6?
Anyway... I would suggest this as a "release goal" for jessie... of
course with NEWS and release notes infos...
IIRC the cipher/mode/size defaults were also hardcoded in some of the
initramfs hooks/scripts and would need to be adapted there, too.
Cheers,
Chris.
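
Added example, not part of the original message and not code from cryptsetup or the Debian package: a shell check that reads LUKS1 `cryptsetup luksDump` output and reports whether an existing header already uses the cipher spec named in point 2. The 512-bit key size, the function names and the two sample dumps are assumptions constructed for illustration.

```shell
#!/bin/sh
# Audit a LUKS1 header dump against a wanted cipher spec.
# Input: text of `cryptsetup luksDump <device>` on stdin.
WANT_SPEC="aes-xts-plain64"  # mode named in the report
WANT_BITS=512                # assumption: XTS uses two keys, 512 bits = 2 x AES-256

luks1_spec() {
    # Print "<name>-<mode> <mk_bits>"; exit 1 if any field is missing.
    # Only the text up to the first colon is stripped, so a mode such as
    # "cbc-essiv:sha256" keeps its own colon.
    awk '
        /^Cipher name:/ { sub(/^[^:]*:[ \t]*/, ""); name = $0 }
        /^Cipher mode:/ { sub(/^[^:]*:[ \t]*/, ""); mode = $0 }
        /^MK bits:/     { sub(/^[^:]*:[ \t]*/, ""); bits = $0 }
        END { if (name == "" || mode == "" || bits == "") exit 1
              printf "%s-%s %s\n", name, mode, bits }'
}

audit_luks1() {
    # Return 0 = matches, 1 = differs, 2 = not a parsable LUKS1 dump.
    spec=$(luks1_spec) || { echo "unparsable"; return 2; }
    set -- $spec
    if [ "$1" = "$WANT_SPEC" ] && [ "$2" -eq "$WANT_BITS" ]; then
        echo "ok $1 $2"
    else
        echo "differs $1 $2 (want $WANT_SPEC $WANT_BITS)"
        return 1
    fi
}

# Constructed sample dumps (header fields only, not from a real device).
sample_legacy() { cat <<'EOF'
Version:        1
Cipher name:    aes
Cipher mode:    cbc-essiv:sha256
MK bits:        256
EOF
}
sample_xts() { cat <<'EOF'
Version:        1
Cipher name:    aes
Cipher mode:    xts-plain64
MK bits:        512
EOF
}

sample_legacy | audit_luks1 || true
sample_xts | audit_luks1 || true
```

On a real system the input would come from `cryptsetup luksDump <device>` run as root; a header that differs is not converted in place by changing the package defaults, since the defaults only apply at `luksFormat` time.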