|
Packit Service |
a9384c |
Cryptsetup 1.7.0 Release Notes
|
|
Packit Service |
a9384c |
==============================
|
|
Packit Service |
a9384c |
|
|
Packit Service |
a9384c |
The cryptsetup 1.7 release changes defaults for LUKS,
|
|
Packit Service |
a9384c |
there are no API changes.
|
|
Packit Service |
a9384c |
|
|
Packit Service |
a9384c |
Changes since version 1.6.8
|
|
Packit Service |
a9384c |
|
|
Packit Service |
a9384c |
* Default hash function is now SHA256 (used in key derivation function
|
|
Packit Service |
a9384c |
and anti-forensic splitter).
|
|
Packit Service |
a9384c |
|
|
Packit Service |
a9384c |
Note that replacing SHA1 with SHA256 is not for security reasons.
|
|
Packit Service |
a9384c |
(LUKS does not have problems even if collisions are found for SHA1,
|
|
Packit Service |
a9384c |
for details see FAQ item 5.20).
|
|
Packit Service |
a9384c |
|
|
Packit Service |
a9384c |
Using SHA256 as default is mainly to prevent compatibility problems
|
|
Packit Service |
a9384c |
on hardened systems where SHA1 is already be phased out.
|
|
Packit Service |
a9384c |
|
|
Packit Service |
a9384c |
Note that all checks (kernel crypto API availability check) now uses
|
|
Packit Service |
a9384c |
SHA256 as well.
|
|
Packit Service |
a9384c |
|
|
Packit Service |
a9384c |
* Default iteration time for PBKDF2 is now 2 seconds.
|
|
Packit Service |
a9384c |
|
|
Packit Service |
a9384c |
Increasing iteration time is in combination with PBKDF2 benchmark
|
|
Packit Service |
a9384c |
fixes a try to keep PBKDF2 iteration count still high enough and
|
|
Packit Service |
a9384c |
also still acceptable for users.
|
|
Packit Service |
a9384c |
|
|
Packit Service |
a9384c |
N.B. Long term is to replace PBKDF2 algorithm with Password Hashing
|
|
Packit Service |
a9384c |
Competition winner - Argon2.
|
|
Packit Service |
a9384c |
|
|
Packit Service |
a9384c |
Distributions can still change these defaults in compilation time.
|
|
Packit Service |
a9384c |
|
|
Packit Service |
a9384c |
You can change iteration time and used hash function in existing LUKS
|
|
Packit Service |
a9384c |
header with cryptsetup-reencrypt utility even without full reencryption
|
|
Packit Service |
a9384c |
of device (see --keep-key option).
|
|
Packit Service |
a9384c |
|
|
Packit Service |
a9384c |
* Fix PBKDF2 iteration benchmark for longer key sizes.
|
|
Packit Service |
a9384c |
|
|
Packit Service |
a9384c |
The previous PBKDF2 benchmark code did not take into account
|
|
Packit Service |
a9384c |
output key length properly.
|
|
Packit Service |
a9384c |
|
|
Packit Service |
a9384c |
For SHA1 (with 160-bits output) and 256-bit keys (and longer)
|
|
Packit Service |
a9384c |
it means that the final iteration value was higher than it should be.
|
|
Packit Service |
a9384c |
|
|
Packit Service |
a9384c |
For other hash algorithms (like SHA256 or SHA512) it caused
|
|
Packit Service |
a9384c |
that iteration count was lower (in comparison to SHA1) than
|
|
Packit Service |
a9384c |
expected for the requested time period.
|
|
Packit Service |
a9384c |
|
|
Packit Service |
a9384c |
The PBKDF2 benchmark code is now fixed to use the key size for
|
|
Packit Service |
a9384c |
the formatted device (or default LUKS key size if running in informational
|
|
Packit Service |
a9384c |
benchmark mode).
|
|
Packit Service |
a9384c |
|
|
Packit Service |
a9384c |
Thanks to A.Visconti, S.Bossi, A.Calo and H.Ragab
|
|
Packit Service |
a9384c |
(http://www.club.di.unimi.it/) for point this out.
|
|
Packit Service |
a9384c |
(Based on "What users should know about Full Disk Encryption
|
|
Packit Service |
a9384c |
based on LUKS" paper to be presented on CANS2015).
|
|
Packit Service |
a9384c |
|
|
Packit Service |
a9384c |
* Remove experimental warning for reencrypt tool.
|
|
Packit Service |
a9384c |
The strong request for full backup before using reencryption utility
|
|
Packit Service |
a9384c |
still applies :)
|
|
Packit Service |
a9384c |
|
|
Packit Service |
a9384c |
* Add optional libpasswdqc support for new LUKS passwords.
|
|
Packit Service |
a9384c |
|
|
Packit Service |
a9384c |
If password is entered through terminal (no keyfile specified) and
|
|
Packit Service |
a9384c |
cryptsetup is compiled with --enable-passwdqc[=/etc/passwdqc.conf],
|
|
Packit Service |
a9384c |
configured system passwdqc settings are used to check password quality.
|
|
Packit Service |
a9384c |
|
|
Packit Service |
a9384c |
* Update FAQ document.
|
|
Packit Service |
a9384c |
|
|
Packit Service |
a9384c |
Cryptsetup API NOTE:
|
|
Packit Service |
a9384c |
|
|
Packit Service |
a9384c |
Direct terminal handling and password calling callback for passphrase
|
|
Packit Service |
a9384c |
entry will be removed from libcryptsetup in next major (2.x) version
|
|
Packit Service |
a9384c |
(application should handle it itself).
|
|
Packit Service |
a9384c |
It means that application have to always provide password in API calls.
|
|
Packit Service |
a9384c |
|
|
Packit Service |
a9384c |
Functions returning last error will be removed in next major version (2.x).
|
|
Packit Service |
a9384c |
These functions did not work properly for early initialization errors
|
|
Packit Service |
a9384c |
and application can implement better function easily using own error callback.
|
|
Packit Service |
a9384c |
|
|
Packit Service |
a9384c |
See comments in libcryptsetup.h for more info about deprecated functions.
|