[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Some comments on partman-crypto templates

On Mon, May 01, 2006 at 02:57:32PM +0200, Christian Perrier wrote:
> > > +# An initialization vector is the initial randomness used to seed
> > > +# the encryption algorithm
> > > +_Description: Initialization vector generation algorithm for this
> > > partition:
> > 
> > I wonder if users will understand what this is about. Any reason why we 
> > could not add some more text to explain this? After all, we have a whole 
> > screen to play with...
> > 
> > I would guess that not all users trying encryption for their /home 
> > directory will be used to the terminology.
> > 
> > Maybe it would be good to go through the questions in general from this 
> > point of view.
> > Something else to add could be a warning about performance consequences.
> Completely agreed.

Yes, agreed.

This template about IV algorithm is a bit of a special case. Except
under very specific circumstances there is really no reason why anyone
would want to change the IV algorithm. One reasons could be that the
user wants the encrypted partition to be usable from another Debian/
Ubuntu/.. install on the same system that has a kernel old enough not to
support the new IV algorithms. In the normal case though, one would
always choose the most secure algorithm (essiv in this case).

David and I have already been discussing this point and agreed to
default to the recommende IV algorithm in all cases. For this particular
choice (and probably also the hash algorithm), we've considered to
change the priority of the question so that it would not be shown in
default installs but only in expert mode. I'm not sure if this can be
accomplished by simply changing the priority, will need to check. So
normal users shouldn't need to see this template at all.

> Proposal:
>  Setting up encryption needs random data to be used by the encryption
>  algorithm. This data can be obtained through various algorithms.
>  Please choose the algorithm that should be used to initialize encryption.

To make the description more accurate, IV is not actually random, but
usually derived from the sector number in some way. I tend to think
actually that it would be more useful to describe the circumstances
under which one would want to choose a different algorithm rather than
try to explain what exactly it does - since the question should become
confined to expert mode anyway.

So I would propose something like this:

  Different algorithms exist to derive the IV (Initialization vector) 
  for each sector. This choice is consequential for the security of the
  encryption and there is usually no reason to change this from the
  recommended default, except for compatibility with older systems.

> > > +Template: partman-crypto/keyhash
> > > +Type: select
> > > +Choices: ${choices}
> > > +_Description: Type of encryption key hash for this partition:
> > 
> > Same here.
> Proposal:
>  The encryption key can be provided as a "hash" which is a one-way
>  encryption of the key itself. Different hash algorithms can be
>  used to create a hash.

Most of the remarks on IV algorithm apply to this question too. There
is always one hash function that can reliably be used by default, so I
think this too should get lower priority and only be shown in expert
mode. Choosing a non-default hash function can actually decrease the 
security of the encryption if the output size of the hash function and
the expected key input size of the cipher don't match.

I would propose:

  The encryption key is derived from the passphrase by applying a 
  one-way hash function to it. There is usually no reason to change 
  this from the recommended default and doing so in the wrong way 
  can lead to lower-security encryption. 

(Hmm.. not very well worded)

> > > + Please disable the swap space (e.g. by running swapoff) or configure
> > > + an encrypted swap space and then run setup of encrypted volumes
> > > again.
> > > + This program will now abort. 
> > 
> > Will it really abort? Or will setting up encryption be broken off in a 
> > controlled manner? Aborting to me means: please reboot your system and 
> > start the installation from scratch.
> Needs further discussion. Nothing commited

Agreed, it is not clear from the template what is going to happen. 
It actually refuses to continue with configuration of the encrypted
partitions and returns to the main menu of partman. 

This template might need further changes in the future, because we
should really try disable the swap space automatically and only show 
an error in case that could not be done. I would recommend to have it
remain as-is for the moment until this gets implemented.

I agree with and like the other changes you've commited, thank you.


Reply to: