Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

Is LUKS with default parameters less secure on a slow CPU?

CPU Default luks parameters Secure slow
0
Posted

Is LUKS with default parameters less secure on a slow CPU?

0 CommentsAdd a Comment

1 Answer

0

Unfortunately, yes. However the only aspect affected is the protection for low-entropy passphrase or master-key. All other security aspects are independent of CPU speed. The master key is less critical, as you really have to work at it to give it low entropy. One possibility is to supply the master key yourself. If that key is low-entropy, then you get what you deserve. The other known possibility is to use /dev/urandom for key generation in an entropy-startved situation (e.g. automatic installation on an embedded device without network and other entropy sources). For the passphrase, don’t use a low-entropy passphrase. If your passphrase is good, then a slow CPU will not matter. If you insist on a low-entropy passphrase on a slow CPU, use something like “–iter-time=10” or higher and wait a long time on each LUKS unlock and pray that the attacker does not find out in which way exactly your passphrase is low entropy. This also applies to low-entropy passphrases on fast CPUs. Technology

0 CommentsAdd a Comment

Related Questions

What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.

Experts123