Bug#723729: other places
Hi Steven,
I share your concerns about the potentially less secure wipe. It has
been addressed yesterday. :-)
http://bugs.debian.org/726448
Cheers,
Thiemo
On Wed, Oct 16, 2013 at 3:40 AM, Steven Chamberlain <steven@pyro.eu.org> wrote:
> Hi Thiemo,
>
> Good to have someone reviewing this code. Use of --use-urandom by
> default is a very good catch and fully agree with changing that.
>
> On 15/10/13 20:46, Thiemo Nagel wrote:
>> urandom also is used in crypto-volume wiping.
>
> The wipe is already done with a potentially lower level of security,
> because it forces AES-128 in XTS mode regardless of what the user chose
> for encryption of allocated data:
>
> http://anonscm.debian.org/gitweb/?p=d-i/partman-crypto.git;a=blob;f=lib/crypto-base.sh;h=e0f8e77900d05346a6beddec19b0adc3c9535d12;hb=HEAD#l341
>> setup_dmcrypt $targetdevice $device aes xts-plain64 plain 128 /dev/urandom
>
> I think that's wrong, and not what a user expects. If the user is
> patient enough to wait for a wipe to complete, at least use their chosen
> algorithm and key size instead of something arbitrary? And then it
> makes sense to use /dev/random too.
>
> Or, if they don't care about protecting unallocated blocks, they can
> already skip this step.
>
> Sometimes people want to erase quickly whatever's already on disk, but
> that's an almost completely different use case perhaps not involving
> crypto, where writing all zeroes or some kind of TRIM might be adequate
> and even faster. (AES-128 + XTS was probably used above because it
> tends to be fast, but not necessarily on all platforms).
>
> Regards,
> --
> Steven Chamberlain
> steven@pyro.eu.org
Reply to: