Re: [Qemu-devel] [PATCH 1/6] crypto: make PBKDF iterations configurable
From: Daniel P. Berrange
Subject: Re: [Qemu-devel] [PATCH 1/6] crypto: make PBKDF iterations configurable for LUKS format
Date: Fri, 9 Sep 2016 10:32:46 +0100
User-agent: Mutt/1.7.0 (2016-08-17)
On Thu, Sep 08, 2016 at 12:44:55PM -0500, Eric Blake wrote:
> On 09/08/2016 11:27 AM, Daniel P. Berrange wrote:
> > As protection against bruteforcing passphrases, the PBKDF
> > algorithm is tuned by counting the number of iterations
> > needed to produce 1 second of running time. If the machine
> > that the image will be used on is much faster than the
> > machine where the image is created, it can be desirable
> > to raise the number of limits. This adds a new 'iter-time'
>
> s/limits/iterations/ ?
>
> > property that allows the user to choose the iteration
> > wallclock time.
> >
> > Signed-off-by: Daniel P. Berrange <address@hidden>
> > ---
> > block/crypto.c | 6 ++++++
> > crypto/block-luks.c | 32 +++++++++++++++++++++++---------
> > qapi/crypto.json | 6 +++++-
> > 3 files changed, 34 insertions(+), 10 deletions(-)
> >
>
> > +++ b/crypto/block-luks.c
> > @@ -917,8 +917,12 @@ qcrypto_block_luks_create(QCryptoBlock *block,
> > const char *hash_alg;
> > char *cipher_mode_spec = NULL;
> > QCryptoCipherAlgorithm ivcipheralg = 0;
> > + uint64_t iters;
> >
> > memcpy(&luks_opts, &options->u.luks, sizeof(luks_opts));
> > + if (!luks_opts.has_iter_time) {
> > + luks_opts.iter_time = 1000;
> > + }
> > if (!luks_opts.has_cipher_alg) {
> > luks_opts.cipher_alg = QCRYPTO_CIPHER_ALG_AES_256;
> > }
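Review bot: luks_opts.iter_time is only defaulted when has_iter_time is false; a caller-supplied value is used unchecked, so iter-time=0 would flow into the later `iters = luks_opts.iter_time *` expression and give zero iterations. Reject zero with an error right after the default is applied. The literal 1000 would also read better as a named constant whose name carries the unit, with the unit stated in the qapi/crypto.json description of 'iter-time'.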
> > @@ -1064,7 +1068,7 @@ qcrypto_block_luks_create(QCryptoBlock *block,
> > /* Determine how many iterations we need to hash the master
> > * key, in order to have 1 second of compute time used
> > */
> > - luks->header.master_key_iterations =
> > + iters = luks_opts.iter_time *
> > qcrypto_pbkdf2_count_iters(luks_opts.hash_alg,
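Review bot: the comment above the assignment still says "in order to have 1 second of compute time used", which no longer holds once the count is multiplied by luks_opts.iter_time; reword it to refer to the requested iter-time. With the default of 1000 from the earlier hunk, the visible lines do not show the product being scaled back down, so check that a division by 1000 follows, and range-check the 64-bit iters before it is stored in luks->header.master_key_iterations.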
>
> luks_opts.iter_time is a user-provided 64-bit value, so this
> multiplication can overflow...
Oh doh, there I was thinking it was just a 32bit int...
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
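
The overflow raised in the review above, as an added example that is not part of the original message or of QEMU's code: an overflow-checked way to scale a benchmarked iterations-per-second figure by a user-supplied duration. The names scale_pbkdf_iters and MIN_PBKDF_ITERS are hypothetical, and the example assumes iter-time is in milliseconds (suggested by the default of 1000) and that the result must fit a 32-bit header field.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define MIN_PBKDF_ITERS 1000u /* assumed floor, chosen for this example */

/*
 * Scale iters_per_sec (benchmark result for one second) by iter_time_ms.
 * Returns false instead of wrapping when the input is zero, when the
 * 64-bit product would overflow, or when the result does not fit the
 * assumed 32-bit destination. On success stores the count in *out.
 */
bool scale_pbkdf_iters(uint64_t iters_per_sec, uint64_t iter_time_ms,
                       uint32_t *out)
{
    uint64_t iters;

    if (iters_per_sec == 0 || iter_time_ms == 0) {
        return false; /* would produce zero iterations */
    }
    /* a * b wraps a uint64_t exactly when a > UINT64_MAX / b */
    if (iter_time_ms > UINT64_MAX / iters_per_sec) {
        return false;
    }
    iters = iter_time_ms * iters_per_sec / 1000; /* ms -> seconds */
    if (iters > UINT32_MAX) {
        return false; /* too large for the 32-bit field */
    }
    if (iters < MIN_PBKDF_ITERS) {
        iters = MIN_PBKDF_ITERS; /* never go below the floor */
    }
    *out = (uint32_t)iters;
    return true;
}

int main(void)
{
    uint32_t n = 0;
    /* Constructed sample values: 500000 iterations/s, 2000 ms requested */
    if (scale_pbkdf_iters(500000, 2000, &n)) {
        printf("iterations: %" PRIu32 "\n", n);
    }
    /* A hostile or mistaken iter-time is rejected rather than wrapped */
    printf("huge iter-time accepted: %d\n",
           scale_pbkdf_iters(500000, UINT64_MAX, &n));
    return 0;
}
```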