site  contact  subhomenews

Password converted to 64-byte hash

April 30, 2023 — BarryK

I posted yesterday about fscrypt v2:

There is a security concern, as the password the user types in at bootup is used to create the encrypted folders. Quoting from here:

Master keys must be real cryptographic keys, i.e. indistinguishable from random bytestrings of the same length. This implies that users must not directly use a password as a master key, zero-pad a shorter key, or repeat a shorter key. Security cannot be guaranteed if userspace makes any such error, as the cryptographic proofs and analysis would no longer apply.

Instead, users should generate master keys either using a cryptographically secure random number generator, or by using a KDF (Key Derivation Function). The kernel does not do any key stretching; therefore, if userspace derives the key from a low-entropy secret such as a passphrase, it is critical that a KDF designed for this purpose be used, such as scrypt, PBKDF2, or Argon2.

I have compiled the 'argon2' utility in OE, statically-linked with musl, for use in the initrd. Argon2 project:

Now, in the 'init' script in the initrd, there is this line:

 PASSPHRASE="$(echo -n ${PW}xxxx | argon2 ${SALT} -l 32 -r)" #20230430 64 byte hash generated from password.

...I have named the variable "PASSPHRASE", but it is actually now a 64-byte hash. This is then used to add a key to the ext4 filesystem. WoofQ commit:     

Tags: easy