[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [Priority Support]

password advice wiki page enhancements


#41

https://www.whonix.org/pipermail/whonix-devel/2018-September/001220.html


#42

Can we benchmark argon2id and advice users do use something tolerable for them? I.e. users who are ok to wait 30 seconds or 60 seconds to wait after each password entry attempt would know what command to use? Yes, would mean faster computer, better security.

I think we need to change how is user informed here about parameter downgrade, it is only visible in --debug mode,

So let’s use --debug meanwhile.


#43

OK I’ll check argon2id support in Debian and see if it’s in testing. I would prefer to setup a Buster VM for benchmarking instead of my real system so I don’t risk corrupting the LUKS header. What do you think? Is this accurate enough?


#44

No idea. What about a spare USB disk which you install an OS on? That is useful to have anyhow:

  • test upgrades before applying on main system (internal HDD)
  • diagnose, recover main system

#45

Went ahead and installed Buster. Calling cryptsetup from the commandline burps out a ‘command not found’ despite booting the LUKS encrypted system fine and reaching a shell. O.o


#46
sudo cryptsetup

sudo which cryptsetup

?


#47

Going to bite the bullet and install from a full fledged KDE iso. Maybe things will work this time.


#48

Fails to convert header with error that I cannot make head or tail of.

root@debian:/home/user# which cryptsetup
    /usr/sbin/cryptsetup

root@debian:/home/user# cryptsetup luksConvertKey --key-slot 1 --pbkdf argon2id --pbkdf-force-iterations 50 --pbkdf-memory 1048576 --pbkdf-parallel 4 /dev/vda1

root@debian:/home/user# cryptsetup luksConvertKey --key-slot 1 --pbkdf argon2id --pbkdf-force-iterations 50 --pbkdf-memory 1048576 --pbkdf-parallel 4 /dev/vda1 --debug
# cryptsetup 2.0.4 processing "cryptsetup luksConvertKey --key-slot 1 --pbkdf argon2id --pbkdf-force-iterations 50 --pbkdf-memory 1048576 --pbkdf-parallel 4 /dev/vda1 --debug"
# Running command luksConvertKey.
# Locking memory.
# Installing SIGINT/SIGTERM handler.
# Unblocking interruption on signal.
# Allocating context for crypt device /dev/vda1.
# Trying to open and read device /dev/vda1 with direct-io.
# Initialising device-mapper backend library.
# Trying to load LUKS2 crypt type from device /dev/vda1.
# Crypto backend (gcrypt 1.8.3) initialized in cryptsetup library version 2.0.4.
# Detected kernel Linux 4.17.0-3-amd64 x86_64.
# Loading LUKS2 header (repair disabled).
# Opening lock resource file /run/cryptsetup/L_254:1
# Acquiring read lock for device /dev/vda1.
# Verifying read lock handle for device /dev/vda1.
# Device /dev/vda1 READ lock taken.
# Trying to read primary LUKS2 header at offset 0x0.
# Opening locked device /dev/vda1
# Veryfing locked device handle (bdev)
# Trying to read secondary LUKS2 header at offset 0x4000.
# Opening locked device /dev/vda1
# Veryfing locked device handle (bdev)
# Trying to read secondary LUKS2 header at offset 0x8000.
# Opening locked device /dev/vda1
# Veryfing locked device handle (bdev)
# Trying to read secondary LUKS2 header at offset 0x10000.
# Opening locked device /dev/vda1
# Veryfing locked device handle (bdev)
# Trying to read secondary LUKS2 header at offset 0x20000.
# Opening locked device /dev/vda1
# Veryfing locked device handle (bdev)
# Trying to read secondary LUKS2 header at offset 0x40000.
# Opening locked device /dev/vda1
# Veryfing locked device handle (bdev)
# Trying to read secondary LUKS2 header at offset 0x80000.
# Opening locked device /dev/vda1
# Veryfing locked device handle (bdev)
# Trying to read secondary LUKS2 header at offset 0x100000.
# Opening locked device /dev/vda1
# Veryfing locked device handle (bdev)
# Trying to read secondary LUKS2 header at offset 0x200000.
# Opening locked device /dev/vda1
# Veryfing locked device handle (bdev)
# Trying to read secondary LUKS2 header at offset 0x400000.
# Opening locked device /dev/vda1
# Veryfing locked device handle (bdev)
# LUKS2 header read failed (-22).
# Device /dev/vda1 READ lock released.
# Releasing crypt device /dev/vda1 context.
# Releasing device-mapper backend.
# Unlocking memory.
Command failed with code -1 (wrong or missing parameters).

#49

Could you ask upstream please?


#50

Done. Will link to replies when they come.


#51

https://www.saout.de/pipermail/dm-crypt/2018-September/005974.html

Summary:

On Buster headers need to be converted first to LUKS2 then argon2id can be applied in a different step.

Possible to do on host without a live-cd by using a little initramfs sorcery. Pretty simple actually.

After entering a passphrase there is now a noticeable delay and it just feels empowering.


Where should I put the instructions? on the password page? More places and use a template instead?


#52

Yes please. Maybe under an “Advanced Users” section i.e. this doesn’t look simple?


#53

Will they change to LUKS2 at some point? Ticket?


#54

I just filed a bug report against Debian before seeing your message. Will link to it whenever it appears.

https://bugs.debian.org/908917


#55

Found this post on Argon2 entropy calculation but I’m not able to wrap my head around it. I reached out to the author on Twitter who was one of the PHC organizers and can help us understand it. Would be very helpful when advising users to tweak their settings and the different trade-offs of memory size vs iterations.


#56

#57

Completed to perfection at last. Nobody makes an edit before consulting me please.


#58

The edits are very, very nice.

(Edit: Re-read the page and saw the reference to physical dice & EFF list is still there - great.)

PS Why don’t we add you as maintainer of that page?
PPS Your math skills are showing (again) :+1:


#59

Thanks :slight_smile:

I went ahead and did that.


#60

Did we intent to install diceware by default or should we? Any other packages related to this thread while we are at it?