Bug#723729: other places
Hi Thiemo,
Good to have someone reviewing this code. Use of --use-urandom by
default is a very good catch and fully agree with changing that.
On 15/10/13 20:46, Thiemo Nagel wrote:
> urandom also is used in crypto-volume wiping.
The wipe is already done with a potentially lower level of security,
because it forces AES-128 in XTS mode regardless of what the user chose
for encryption of allocated data:
http://anonscm.debian.org/gitweb/?p=d-i/partman-crypto.git;a=blob;f=lib/crypto-base.sh;h=e0f8e77900d05346a6beddec19b0adc3c9535d12;hb=HEAD#l341
> setup_dmcrypt $targetdevice $device aes xts-plain64 plain 128 /dev/urandom
I think that's wrong, and not what a user expects. If the user is
patient enough to wait for a wipe to complete, at least use their chosen
algorithm and key size instead of something arbitrary? And then it
makes sense to use /dev/random too.
Or, if they don't care about protecting unallocated blocks, they can
already skip this step.
Sometimes people want to erase quickly whatever's already on disk, but
that's an almost completely different use case perhaps not involving
crypto, where writing all zeroes or some kind of TRIM might be adequate
and even faster. (AES-128 + XTS was probably used above because it
tends to be fast, but not necessarily on all platforms).
Regards,
--
Steven Chamberlain
steven@pyro.eu.org
Reply to: