Root filesystem encryption update
Bruno Wolff III
bruno at wolff.to
Tue Jun 19 05:46:04 UTC 2007
On Mon, Jun 18, 2007 at 18:05:35 -0400,
Jeremy Katz <katzj at redhat.com> wrote:
>
> If the idea is to actually _support_ full disk encryption in Fedora,
> then it has to be everywhere. In the installer. On upgrades (at least
> for the Fedora n+1 release :-). In the documentation. Otherwise, we're
> doing ourselves a great disservice by talking out of one side of our
> mouth saying it's supported but on the other claiming "well, maybe not
> so much".
>
What that means is there should be a plausible path to all of this so people
aren't working what is sure to be a blind alley. But if you expect the whole
shebang to be done at once, that is a recipie for a project that never gets
done.
> If it takes less than a second, then that means the measures to slow
> down password guessing are pretty bad ;-) You want an exponential
> backoff that gets pretty slow pretty fast or it becomes way too easy to
> brute force. And even for initial boots, another of the goals for
> Fedora 8 is actually making things faster. Why would we make two
> features work directly against each other?
You can't do exponential back off in this context. The protection measures are
against someone that has your disk. The typical way to do this is to
rehash the password many times so that the cpu calculations take a significant
amount of time for each guess. You aren't relying on an application delaying
its response.
One password per second isn't really all that bad; at that rate you only
need about 25 bits of entropy in your password to protect you for a year.
More information about the fedora-devel-list
mailing list