Hi Steven, I share your concerns about the potentially less secure wipe. It has been addressed yesterday. :-)
http://bugs.debian.org/726448 Cheers, Thiemo On Wed, Oct 16, 2013 at 3:40 AM, Steven Chamberlain <ste...@pyro.eu.org> wrote: > Hi Thiemo, > > Good to have someone reviewing this code. Use of --use-urandom by > default is a very good catch and fully agree with changing that. > > On 15/10/13 20:46, Thiemo Nagel wrote: >> urandom also is used in crypto-volume wiping. > > The wipe is already done with a potentially lower level of security, > because it forces AES-128 in XTS mode regardless of what the user chose > for encryption of allocated data: > > http://anonscm.debian.org/gitweb/?p=d-i/partman-crypto.git;a=blob;f=lib/crypto-base.sh;h=e0f8e77900d05346a6beddec19b0adc3c9535d12;hb=HEAD#l341 >> setup_dmcrypt $targetdevice $device aes xts-plain64 plain 128 /dev/urandom > > I think that's wrong, and not what a user expects. If the user is > patient enough to wait for a wipe to complete, at least use their chosen > algorithm and key size instead of something arbitrary? And then it > makes sense to use /dev/random too. > > Or, if they don't care about protecting unallocated blocks, they can > already skip this step. > > Sometimes people want to erase quickly whatever's already on disk, but > that's an almost completely different use case perhaps not involving > crypto, where writing all zeroes or some kind of TRIM might be adequate > and even faster. (AES-128 + XTS was probably used above because it > tends to be fast, but not necessarily on all platforms). > > Regards, > -- > Steven Chamberlain > ste...@pyro.eu.org -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org