[pkg-cryptsetup-devel] Bug#714331: cryptsetup: switch to "more secure" defaults?

Christoph Anton Mitterer calestyo at scientia.net
Fri Jun 28 13:02:19 UTC 2013


On Fri, 2013-06-28 at 12:04 +0200, Jonas Meurer wrote:
> The Debian package doesn't use '/dev/urandom' anywhere. The cryptsetup
> binary uses upstream's default
Sure... by which the binary uses /dev/urandom ;)


> and I don't intend to change that. IIRC,
> cryptsetup defaults to '/dev/urandom'. You can decide on your own using
> the commandline --use-random and --use-urandom switches.
> 
> I guess the reasons for '/dev/urandom' as default are low-entropy
> devices, batch mode and all that. Please discuss this issue upstream in
> case that you disagree.
Yeah... but sometimes it doesn't harm to use the ./configure options to
choose more secure defaults... when upstream hasn't decided yet.



> Your assumption was right. The default cipher for LUKS changed to
> aes-xts-plain64 with the release of cryptsetup 1.6.0. In my opinion,
> this change doesn't need to be advertised anywhere but in changelog.
> The LUKS header includes the cipher anyway, so no changes needed by users.
Didn't the defaults also change for plain dm-crypt? So that users trying
to set up the mapping without specifying stuff would get failures now...


> It's not that the old default aes-cbc-essiv is considered insecure. If
> that was the case, then I would agree that users would need to be warned.
No, I didn't even mean because of security issues, but simply because
they now might need to specify --cipher aes-cbc-essiv:sha256.


> I'm in the process of uploading cryptsetup 1.6.1-1 to unstable btw.
Just saw it... congratulations :)


Cheers,
Chris.
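The practical point of the exchange above is that LUKS volumes survive a change of compiled-in defaults (the header records the cipher), while plain dm-crypt mappings only do so if every parameter is given explicitly on the command line. The following shell script is an added example written for this archive page; it is not code from the thread or from the cryptsetup project. It does not touch any block device: it builds the explicit command lines and parses a constructed sample of `cryptsetup luksDump` output. The passphrase hash (`--hash ripemd160`), the key sizes, and the function names are assumptions made for the example; the cipher names and the `--use-random`/`--use-urandom` switches are the ones discussed in the message.

```shell
#!/bin/sh
# Added example (not from the thread or the cryptsetup project): pin every
# plain dm-crypt parameter explicitly and read back the cipher a LUKS header
# records, so an upgrade that changes cryptsetup's default cipher cannot
# silently change how an existing volume is opened.

# Parameters of the pre-1.6 default discussed in the thread.
PLAIN_CIPHER="aes-cbc-essiv:sha256"
PLAIN_HASH="ripemd160"     # assumption: classic plain-mode passphrase hash
PLAIN_KEY_SIZE=256         # assumption: key size in bits, stated explicitly

# New LUKS default discussed in the thread.
LUKS_CIPHER="aes-xts-plain64"
LUKS_KEY_SIZE=512          # assumption: XTS splits the key, 512 bits = AES-256

# Print (do not run) an explicit plain-mode open command. Every parameter is
# stated, so the mapping never depends on the installed binary's defaults.
plain_open_cmd() {
    name="$1"; dev="$2"
    printf 'cryptsetup open --type plain --cipher %s --hash %s --key-size %s %s %s\n' \
        "$PLAIN_CIPHER" "$PLAIN_HASH" "$PLAIN_KEY_SIZE" "$dev" "$name"
}

# Print a luksFormat command whose key source is chosen by the caller:
# "random" -> --use-random (blocks on low entropy), anything else -> --use-urandom.
luks_format_cmd() {
    dev="$1"; rng="$2"
    if [ "$rng" = "random" ]; then flag="--use-random"; else flag="--use-urandom"; fi
    printf 'cryptsetup luksFormat %s --cipher %s --key-size %s %s\n' \
        "$flag" "$LUKS_CIPHER" "$LUKS_KEY_SIZE" "$dev"
}

# Read luksDump output on stdin and print "<cipher name>-<cipher mode>",
# i.e. the spec the header itself carries (the reason LUKS users need no action).
luks_cipher_from_dump() {
    awk '
        /^Cipher name:/ { sub(/^[^:]*:[ \t]*/, ""); sub(/[ \t]+$/, ""); name = $0 }
        /^Cipher mode:/ { sub(/^[^:]*:[ \t]*/, ""); sub(/[ \t]+$/, ""); mode = $0 }
        END { if (name != "" && mode != "") print name "-" mode }'
}

# Exit 0 when the header still carries the old default, 1 otherwise.
luks_uses_old_default() {
    [ "$(luks_cipher_from_dump)" = "aes-cbc-essiv:sha256" ]
}

# Constructed sample of LUKS1 luksDump output (not captured from a real device).
SAMPLE_DUMP='LUKS header information for /dev/sdb1

Version:        1
Cipher name:    aes
Cipher mode:    xts-plain64
Hash spec:      sha1
Payload offset: 4096
MK bits:        256'

# Demonstration on the constructed sample and a placeholder device path.
printf '%s\n' "$SAMPLE_DUMP" | luks_cipher_from_dump
plain_open_cmd data /dev/sdb1
luks_format_cmd /dev/sdb1 random
```

The two printed command lines are meant to be pasted into an initramfs hook or a crypttab-equivalent script only after review; the point is that they contain no parameter left to the binary's defaults, which is the property the thread found missing for plain-mode users.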

