Change LUKS defaults to AES-256 (512 bits key) with SHA-2 Hash

[GoogleCodeExporter]

I propose to change the LUKS defaults to
AES-256: needs keybits 512 with xts
Hash: SHA-2 or Whirlpool or similar

Todays computing power makes this as a reasonable default compared to plain 
where you already propose AES-256 with cbc (keybits 256)

The ENISA proposes to harden encryption to be prepared...
http://www.enisa.europa.eu/activities/identity-and-trust/library/deliverables/al
gorithms-key-sizes-and-parameters-report

Original issue reported on code.google.com by thomas.b...@gmail.com on 8 Jan 2014 at 9:19

Attachments:

• configure.ac.patch

[GoogleCodeExporter]

You can change this as distro maintainer, you can change it as user during 
format.

For sha1 - see discussion and FAQ, there is no problem with SHA1 in LUKS. We 
keep it as default to be compatible with old cryptsetup which recognized only 
sha1.

For AES128-XTS - again, compatibility (and sometimes performance) reasons - 
512bits key requires more keyslot space.

I think next major version will open this question again (you can add also 
request for different KDF - like e.g. using scrypt instead of PBKDF2) but for 
now there is really not strong reason to switch default options.

Please if you want to discuss this, use dmcrypt mailing list (also see the 
archive).

(Again, if you have hardened distro, just change defaults for you distro.)

Original comment by gmazyl...@gmail.com on 10 Jan 2014 at 7:42

• Changed state: Done
• Added labels: Type-Enhancement
• Removed labels: Type-Defect