[pkg-cryptsetup-devel] Bug#495832: cryptsetup(8) suggests default cipher is aes-cbc-plain, but luksFormat defaults to aes-cbc-essiv

Daniel Kahn Gillmor dkg-debian.org at fifthhorseman.net
Wed Aug 20 19:49:48 UTC 2008 

Package: cryptsetup
Version: 2:1.0.6-6
Severity: minor

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This is a documentation bug, not a functionality bug:

cryptsetup luksFormat does the right thing by choosing aes-cbc-essiv
as the default cipher.

However, the man page for cryptsetup suggests that the default
- --cipher is aes-cbc-plain:

       --cipher, -c
              set cipher specification  string.  Usually,  this  is  "aes-cbc-
              plain".  For  pre-2.6.10  kernels, use "aes-plain" as they don’t
              understand the new cipher spec strings. To use ESSIV, use  "aes-
              cbc-essiv:sha256".

I suggest that the man page should be updated, perhaps to something
like this:

  set cipher specification string.  For non-LUKS operations, the
  default is "aes-cbc-plain".  For pre-2.6.10 kernels, use "aes-plain"
  as they don’t understand the new cipher spec strings. To use ESSIV,
  use "aes-cbc-essiv:sha256".  ESSIV is the current default cipher for
  the LuksFormat action.  ESSIV is recommended over aes-cbc-plain, as
  it protects against some known watermarking attacks.

(alternately, the LuksFormat defaults could be described in the
section describing the luksFormat action itself)

Here's a demonstration of the behavior:

[0 root at squeak ~]# lvcreate --name test --size 100M vg_squeak0
  Logical volume "test" created
[0 root at squeak ~]# cryptsetup luksFormat /dev/mapper/vg_squeak0-test 

WARNING!
========
This will overwrite data on /dev/mapper/vg_squeak0-test irrevocably.

Are you sure? (Type uppercase yes): YES
Enter LUKS passphrase: 
Verify passphrase: 
Command successful.
[0 root at squeak ~]# cryptsetup luksDump /dev/mapper/vg_squeak0-test | grep -i cipher
Cipher name:   	aes
Cipher mode:   	cbc-essiv:sha256
[0 root at squeak ~]# 

Thanks for maintaining cryptsetup for debian!

       --dkg

- -- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (500, 'testing'), (200, 'unstable'), (101, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-1-686 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages cryptsetup depends on:
ii  dmsetup                      2:1.02.27-3 The Linux Kernel Device Mapper use
ii  libc6                        2.7-13      GNU C Library: Shared libraries
ii  libdevmapper1.02.1           2:1.02.27-3 The Linux Kernel Device Mapper use
ii  libpopt0                     1.14-4      lib for parsing cmdline parameters
ii  libuuid1                     1.41.0-3    universally unique id library

cryptsetup recommends no packages.

Versions of packages cryptsetup suggests:
ii  dosfstools                    2.11-6     utilities for making and checking 
ii  initramfs-tools [linux-initra 0.92f      tools for generating an initramfs
ii  udev                          0.125-5    /dev/ and hotplug management daemo

- -- no debconf information

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iQIVAwUBSKx1VczS7ZTSFznpAQKE3Q//RvJlfnQ4TzKFJkStb4xQnACq4GsNJ1at
UMCD6F2heizNzbHxDMna04eI95cct+ZXpsssxfO2743K85AiY0ijzGI6MzgZzRCz
9PodvEoxsHpnq5Z3+pPnbcwDFfnHv/rlhgeqETwAQ7EsibJQfv9WdMGK4pQOM5pn
zuN3u7cao6CwV2/vcfdRF8fjp5Gxx73GNa3EMgLzApM6nn9kpa153rcn8nU98cnG
giyxISg9UtP+jIuZE7sr65tdbNTtGRHnMb61xfJq1ZbpbpYkHMKYom3VIaxowCRM
WPX417liv8eCkCdyvVNjWNcXchZ/0mhMmegSy/VX09YSFZdEbPCPTnluVZQPts4R
a5WfNtIJ8QUXa2EE7ym8ULV4gR8J1ufL/4UnYMLdFO+UrUV02V1fGZ1Gfo/VLoWi
fSny2WgDITFer5cKjJuTeNXMCi2Uq5eWAye4azQD8+UjhuD/TgxfuzANL1TErPph
l6rT9eqLvoW9gZEbfhgrDmJZO8BFyZqS3BUZs6Nvp6DzT3DbwuYvEWVY3Up2JF5S
cJJscb6MZyW3B2Zpj81c7tOZurXw8iRVYMVfy3n4vtvZSf6SzLfBqr/XyCfSFiJF
JWf3AwH6Pbv5rApRR287rykEgqLqI/tgm1Y77t9tJuKSopfU9i+HTPmB1UkVEa/T
9nbnNeY+jWw=
=8kBa
-----END PGP SIGNATURE-----

More information about the pkg-cryptsetup-devel mailing list