Bug#910249: Bumping up encryption to AES-256 by default

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Bug#910249: Bumping up encryption to AES-256 by default

procmem
Package: gnome-disk-utility
Version: all
Severity: serious

Hi. I noticed Gnome Disks uses AES-128 by default instead of AES-256
like Debian does out of the box. Having 256 bit symmetric keys is good
practice for long term security especially in a coming era of quantum
computers. (Whether they materialize or not is deabatble but why not
have a sufficient margin if it's easy enough?) It is also the
recommended level by NIST.


This is verified by running:

# cryptsetup luksDump --debug <device>

AES in XTS mode uses a keysize double its bit size (512 in this case)
since with XTS the key is split in 2 so you actually get AES with
256-bit keys.

A partition created by Gnome Disks shows it's only using MK size 256
instead of the expected 512. Please modify the source to pass 512 bit
size to cryptsetup.


For more details and original research by me see:

https://www.whonix.org/wiki/Full_Disk_Encryption_and_Encrypted_Images#Protection_Against_Powerful_Adversaries

Reply | Threaded
Open this post in threaded view
|

Bug#910249: Bumping up encryption to AES-256 by default

Jeremy Bicha-5
I just uploaded libblockdev 2.20-7. Please check if it fixes your issue.

If it does, would you be interested in filing the unblock bug to get
the fix in to Debian Buster?

https://release.debian.org/buster/freeze_policy.html

Thanks,
Jeremy Bicha

Reply | Threaded
Open this post in threaded view
|

Bug#910249: Bumping up encryption to AES-256 by default

procmem

On 3/5/19 6:16 AM, Jeremy Bicha wrote:
> I just uploaded libblockdev 2.20-7. Please check if it fixes your issue.
>
> If it does, would you be interested in filing the unblock bug to get
> the fix in to Debian Buster?
>
> https://release.debian.org/buster/freeze_policy.html
>
> Thanks,
> Jeremy Bicha

Thanks a lot for following up on this. I had reported it upstream and am
happy to see they fixed it. Looks like it made it into v 2.21 [0]. I
would very much like to see it in Buster, but I'm clueless about how to
do the unblock request despite reading about it now :(

[0] https://github.com/storaged-project/libblockdev/blob/master/NEWS.rst

Reply | Threaded
Open this post in threaded view
|

Bug#910249: Bumping up encryption to AES-256 by default

procmem
In reply to this post by Jeremy Bicha-5
I stand corrected its in your versionĀ  since you cherry picked the patch.

Reply | Threaded
Open this post in threaded view
|

Bug#910249: Bumping up encryption to AES-256 by default

Jeremy Bicha-5
On Tue, Mar 5, 2019 at 12:35 PM procmem <[hidden email]> wrote:
> I stand corrected its in your version  since you cherry picked the patch.

Yes. Could you verify whether that version fixes your issue?

Thanks,
Jeremy Bicha