password advice wiki page enhancements

Website
41

https://www.whonix.org/pipermail/whonix-devel/2018-September/001220.html

1 Like
42

Can we benchmark argon2id and advice users do use something tolerable for them? I.e. users who are ok to wait 30 seconds or 60 seconds to wait after each password entry attempt would know what command to use? Yes, would mean faster computer, better security.

I think we need to change how is user informed here about parameter downgrade, it is only visible in --debug mode,

So letā€™s use --debug meanwhile.

1 Like
43

OK Iā€™ll check argon2id support in Debian and see if itā€™s in testing. I would prefer to setup a Buster VM for benchmarking instead of my real system so I donā€™t risk corrupting the LUKS header. What do you think? Is this accurate enough?

1 Like
44

No idea. What about a spare USB disk which you install an OS on? That is useful to have anyhow:

  • test upgrades before applying on main system (internal HDD)
  • diagnose, recover main system
45

Went ahead and installed Buster. Calling cryptsetup from the commandline burps out a ā€˜command not foundā€™ despite booting the LUKS encrypted system fine and reaching a shell. O.o

1 Like
46 
sudo cryptsetup

sudo which cryptsetup

?

47

Going to bite the bullet and install from a full fledged KDE iso. Maybe things will work this time.

1 Like
48

Fails to convert header with error that I cannot make head or tail of.

root@debian:/home/user# which cryptsetup
    /usr/sbin/cryptsetup

root@debian:/home/user# cryptsetup luksConvertKey --key-slot 1 --pbkdf argon2id --pbkdf-force-iterations 50 --pbkdf-memory 1048576 --pbkdf-parallel 4 /dev/vda1

root@debian:/home/user# cryptsetup luksConvertKey --key-slot 1 --pbkdf argon2id --pbkdf-force-iterations 50 --pbkdf-memory 1048576 --pbkdf-parallel 4 /dev/vda1 --debug
# cryptsetup 2.0.4 processing "cryptsetup luksConvertKey --key-slot 1 --pbkdf argon2id --pbkdf-force-iterations 50 --pbkdf-memory 1048576 --pbkdf-parallel 4 /dev/vda1 --debug"
# Running command luksConvertKey.
# Locking memory.
# Installing SIGINT/SIGTERM handler.
# Unblocking interruption on signal.
# Allocating context for crypt device /dev/vda1.
# Trying to open and read device /dev/vda1 with direct-io.
# Initialising device-mapper backend library.
# Trying to load LUKS2 crypt type from device /dev/vda1.
# Crypto backend (gcrypt 1.8.3) initialized in cryptsetup library version 2.0.4.
# Detected kernel Linux 4.17.0-3-amd64 x86_64.
# Loading LUKS2 header (repair disabled).
# Opening lock resource file /run/cryptsetup/L_254:1
# Acquiring read lock for device /dev/vda1.
# Verifying read lock handle for device /dev/vda1.
# Device /dev/vda1 READ lock taken.
# Trying to read primary LUKS2 header at offset 0x0.
# Opening locked device /dev/vda1
# Veryfing locked device handle (bdev)
# Trying to read secondary LUKS2 header at offset 0x4000.
# Opening locked device /dev/vda1
# Veryfing locked device handle (bdev)
# Trying to read secondary LUKS2 header at offset 0x8000.
# Opening locked device /dev/vda1
# Veryfing locked device handle (bdev)
# Trying to read secondary LUKS2 header at offset 0x10000.
# Opening locked device /dev/vda1
# Veryfing locked device handle (bdev)
# Trying to read secondary LUKS2 header at offset 0x20000.
# Opening locked device /dev/vda1
# Veryfing locked device handle (bdev)
# Trying to read secondary LUKS2 header at offset 0x40000.
# Opening locked device /dev/vda1
# Veryfing locked device handle (bdev)
# Trying to read secondary LUKS2 header at offset 0x80000.
# Opening locked device /dev/vda1
# Veryfing locked device handle (bdev)
# Trying to read secondary LUKS2 header at offset 0x100000.
# Opening locked device /dev/vda1
# Veryfing locked device handle (bdev)
# Trying to read secondary LUKS2 header at offset 0x200000.
# Opening locked device /dev/vda1
# Veryfing locked device handle (bdev)
# Trying to read secondary LUKS2 header at offset 0x400000.
# Opening locked device /dev/vda1
# Veryfing locked device handle (bdev)
# LUKS2 header read failed (-22).
# Device /dev/vda1 READ lock released.
# Releasing crypt device /dev/vda1 context.
# Releasing device-mapper backend.
# Unlocking memory.
Command failed with code -1 (wrong or missing parameters).
1 Like
49

Could you ask upstream please?

50

Done. Will link to replies when they come.

1 Like
51

https://www.saout.de/pipermail/dm-crypt/2018-September/005974.html

Summary:

On Buster headers need to be converted first to LUKS2 then argon2id can be applied in a different step.

Possible to do on host without a live-cd by using a little initramfs sorcery. Pretty simple actually.

After entering a passphrase there is now a noticeable delay and it just feels empowering.

Where should I put the instructions? on the password page? More places and use a template instead?

1 Like
52

Yes please. Maybe under an ā€œAdvanced Usersā€ section i.e. this doesnā€™t look simple?

53

Will they change to LUKS2 at some point? Ticket?

54

I just filed a bug report against Debian before seeing your message. Will link to it whenever it appears.

https://bugs.debian.org/908917

1 Like
55

Found this post on Argon2 entropy calculation but Iā€™m not able to wrap my head around it. I reached out to the author on Twitter who was one of the PHC organizers and can help us understand it. Would be very helpful when advising users to tweak their settings and the different trade-offs of memory size vs iterations.

https://www.reddit.com/r/crypto/comments/85jdsf/choosing_argon2_parameters_for_keepass/dw2d2t3/

1 Like
56
1 Like
57

Completed to perfection at last. Nobody makes an edit before consulting me please.

2 Likes
58

The edits are very, very nice.

(Edit: Re-read the page and saw the reference to physical dice & EFF list is still there - great.)

PS Why donā€™t we add you as maintainer of that page?
PPS Your math skills are showing (again) :+1:

2 Likes
59

Thanks :slight_smile:

I went ahead and did that.

1 Like
60

Did we intent to install diceware by default or should we? Any other packages related to this thread while we are at it?