#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2012
    Posts
    1
    Rep Power
    0

    Passphrase hash length shorter than cipher key


    Hi,

    I'm looking to use dm-crypt / cryptsetup (not LUKS) on Linux to encrypt a filesystem on a small loopback file.
    The version of cryptsetup I'm using is 1.3.1 which defaults to:

    Hash: ripemd160
    Cipher: aes-cbc-essiv:sha256, 256 bit key

    The question I have is, if the output of the hash is 160 bits and the cipher takes 256, then to make the key, 96 bits must be padded in a (presumably) determinable manner. Does this not weaken the cipher? I know the result is probably still mega secure but why compromise?

    Thanks
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    May 2007
    Posts
    765
    Rep Power
    929
    There doesn't need to be any padding. For example, the PBKDF2 algorithm from PKCS#5 hashes the pass phrase plus a counter multiple times to produce an arbitrarily long output.
    sub{*{$::{$_}}{CODE}==$_[0]&& print for(%:: )}->(\&Meh);
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2012
    Posts
    3
    Rep Power
    0
    Hi,
    Can't you use SHA256 instead of RIPEMD160 ?

IMN logo majestic logo threadwatch logo seochat tools logo