http://bugzilla.opensuse.org/show_bug.cgi?id=1184069 http://bugzilla.opensuse.org/show_bug.cgi?id=1184069#c1 Andreas Stieger <Andreas.Stieger@gmx.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |Andreas.Stieger@gmx.de, | |p.heinlein@heinlein-support | |.de Flags| |needinfo?(p.heinlein@heinle | |in-support.de) --- Comment #1 from Andreas Stieger <Andreas.Stieger@gmx.de> --- (In reply to Peer Heinlein from comment #0)
so I also think, that the crypto or number of iterations is way to expensive here and needs too much time. Maybe the SUSE team should/could look for a similar safe, but faster method (SHA256?) here?
What is the number of iterations configured (cryptsetup luksDump)? How many keyslots are active? The number of iterations is determined during installation by cryptsetup and is calibrated to take about 1000ms. When the disk moves or the system configuration changes this no longer matches up. On the running system when creating a volume, which value does luksFormat choose?
Maybe the SUSE team should/could look for a similar safe, but faster method (SHA256?) here?
For key derivation, fast hashes are insecure. You want slow hashes here. -- You are receiving this mail because: You are on the CC list for the bug.