this post was submitted on 23 Jun 2023
6 points (100.0% liked)

Privacy, Security, and OSINT Show

328 readers
1 users here now

Lemmy Community for fans of the Privacy Security and OSINT show podcast to talk about the latest episode and bounce ideas off of each other how they can improve their privacy, security, or OSINT knowledge. This is just a fan based community, and is no way connected to or involved with Michael Bazzell, Inteltechniques.com, or the Privacy, Security, & OSINT podcast.

founded 1 year ago
MODERATORS
 

TIL the French government may have broken encryption on a LUKS-encrypted laptop with a "greater than 20 character" password in April 2023.

When upgrading TAILS today, I saw their announcement changing LUKS from PBKDF2 to Argon2id.

The release announcement above has some interesting back-of-the-envelope calculations for the wall-time required to crack a master key from a LUKS keyslot with PBKDF2 vs Argon2id.

And they also link to Matthew Garrett's article, which describes how to manually upgrade your (non-TAILS) LUKS header to Argon2id.

you are viewing a single comment's thread
view the rest of the comments
[โ€“] [email protected] 3 points 1 year ago (1 children)

https://unix.stackexchange.com/questions/260533/how-to-determine-what-encryption-is-being-used-a-luks-partition

Use these methods to see which version of LUKS your volume is using. Make sure you are using version 2 or higher.

[โ€“] [email protected] 2 points 1 year ago* (last edited 1 year ago)

afaik LUKS1 is fine. And AES is fine.

What matters is which KDF is used in your luks slots (which hold your AES master encryption key)