Bug#621791: Please support setting LUKS options for speed/brute-forcing tradeoff
Package: partman-crypto
Severity: wishlist
LUKS tunes its passphrase handling (the number of iterations for the
PBKDF2 algorithm) to ensure that attempting to use a particular
passphrase will take a minimum amount of time, to make brute-forcing
much more difficult. By default, LUKS tunes this to take approximately
one second on the current machine. However, LUKS supports configuring
the desired number of milliseconds, to trade off between speed and
protection from brute-forcing. Please support setting this option when
creating an encrypted volume during installation.
Thanks,
Josh Triplett
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.38-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Reply to: