encrypting partitions
Bruno Wolff III
bruno at wolff.to
Mon Jul 16 15:09:57 UTC 2007
On Sun, Jul 15, 2007 at 18:31:55 -0400,
Louis E Garcia II <louisg00 at bellsouth.net> wrote:
> I encrypted my /home partition with luksformat back when I installed
> fc6, using the aes cipher and sha256 hash. I currently am running f7
> with the same /home partition. I recently read where sha-1 was broken.
> Do I need to worry about my data? Is this the strongest encryption
> available with f7? I noticed an sha512 module, is there a stronger hash
> I can use? I don't mind reformatting.
Since your asking here, I doubt you have the kind of enemies where the
brokenness of MD5, SHA1 and similar hashes is an immediate concern.
Yes, the hashes aren't as strong as would be indicated by their output size,
but in practice that normally isn't a big deal. There is one problem area
of immediate concern in that in special cases it is practical to generate
two strings with the same hash. That will probably not be a concern in your
case.
Here is a blog entry from Bruce Schneier regarding the announcement of
the break in SHA1 a couple of years ago:
http://www.schneier.com/blog/archives/2005/02/sha1_broken.html
It shouldn't be hard, to find other references to the problem.
More information about the fedora-list
mailing list