Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Re: [suse-security] Encrypted devices unsalted
From: Thomas Biege (thomassuse.de)
Date: Mon Feb 28 2005 - 05:01:34 CST
Thank you for this hint. I'll forward it.
On Fri, Feb 25, 2005 at 10:59:33AM +0200, 2005 wrote:
> SuSE 9.2 creates encrypted volumes without salting the
> password/key. While this is not a problem for long binary keys,
> it simplifies a dictionary attack against a shorter ascii keys.
> man losetup says:
> -S pseed
> Sets encryption password seed pseed which is appended to
> user supplied password before hashing. Using different
> seeds for different partitions makes dictionary attacks
> slower but does not prevent them if user supplied password
> is guessable.
> Check the headers for your unsubscription address
> For additional commands, e-mail: suse-security-helpsuse.com
> Security-related bug reports go to securitysuse.de, not here
Thomas Biege <thomassuse.de>, SUSE LINUX AG, Security Support & Auditing
Imagine there's no countries, It isnt hard to do,
Nothing to kill or die for, No religion too, ...
-- John Lennon (Imagine Lyrics)
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here