Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Default Full Disk Encryption insecure? SHA1

  1. #1
    Join Date
    Jan 2015
    Beans
    6

    Question Default Full Disk Encryption insecure? SHA1

    Hello,

    I'm wondering. Why is Ubuntu and Mint only using SHA1 for Full Disk Encryption? I heard several times that SHA1 shouldn't be used anymore because it is weak and it could be cracked.

    Could you guys explain me why we should use the default GUI encryption if we can just encrypt the system over the terminal with like SHA512? I'm I paranoid or is it just a lie that SHA1 has been broken?

    And

    "As hardware gets more powerful, password cracking in such an occasion becomes a lot more viable and SHA1, (Cryptsetup's default) which already we should be far away from (but aren't), looks even more deprecated."

    Moreover: All the encryption programs like TrueCrypt and Veracrypt they all do not use SHA1 anymore because it is insecure. So why is cryptsetup encrypting the whole drive with SHA1? It does not seem secure, does it?

    I'm a rookie user so please explain me some stuff

  2. #2
    Join Date
    Mar 2007
    Location
    Denver, CO
    Beans
    7,836
    Distro
    Ubuntu Mate 16.04 Xenial Xerus

    Re: Default Full Disk Encryption insecure? SHA1

    SHA-1 is a hash function, not an encryption tool. You usually encrypt with something like AES-256 which is the default now-a-days although there are others which may be faster -- blowfish, twofish, etc. You use hashes to verify the encrypted data or hash passwords.

  3. #3
    Join Date
    Nov 2013
    Location
    On the edge
    Beans
    872
    Distro
    Ubuntu

    Re: Default Full Disk Encryption insecure? SHA1

    +1 to Kevdog's comments.

    If the OP would like details about the encryption Ubuntu uses, this had a decent answer:
    http://security.stackexchange.com/qu...isk-encryption
    Knock knock.
    Race condition.
    Who's there?

  4. #4
    Join Date
    Jan 2015
    Beans
    6

    Re: Default Full Disk Encryption insecure? SHA1

    I'm talking about the hash, guys.

    I know that AES is supposed to be secure but why is the installer using sha1 for password hashing? I heard it is not secure and it can be brute forced quite easily. Why is it not using sha256 / 512 for whole disc encryption?

  5. #5
    Join Date
    Mar 2007
    Location
    Denver, CO
    Beans
    7,836
    Distro
    Ubuntu Mate 16.04 Xenial Xerus

    Re: Default Full Disk Encryption insecure? SHA1

    I'm not too certain why SHA-1 was chosen, however although there have been some discovered vulnerabilities -- or more aptly put -- the chance of discovering a collision -- or two sets of data producing the same hash set -- is kind of overblown. I think theoretically a research project found that the process of producing a collision could be lowered from 31 to 7 years. That's seven years of continuously guessing passwords for brute force hacking via a computer that is processing this transformation at an extremely high rate.

    I'm not sure if there is a setting within the encryption setting to allow you to change the hash. I believe whole disk encryption performs this by creating a dm-crypt volume on LUKS. You may need to research this. I believe you may be able to change the hash algorithm within the dm-crypt conf file. You'll need to research this. Of course this means that you'll probably have to do the partitioning yourself with a more manual process from a chroot environment -- which actually isn't all that hard, although you'll definitely need to research how to do everything and probably have to experiment a few times to get it exactly correct.

  6. #6
    Join Date
    Jan 2014
    Beans
    Hidden!

    Re: Default Full Disk Encryption insecure? SHA1

    Quote Originally Posted by forever3 View Post
    I'm talking about the hash, guys.

    I know that AES is supposed to be secure but why is the installer using sha1 for password hashing? I heard it is not secure and it can be brute forced quite easily. Why is it not using sha256 / 512 for whole disc encryption?


    https://code.google.com/p/cryptsetup...curity_Aspects

    • 5.20 LUKS is broken! It uses SHA-1!

    No, it is not. SHA-1 is (academically) broken for finding collisions, but not for using it in a key-derivation function. And that collision vulnerability is for non-iterated use only. And you need the hash-value in verbatim.
    This basically means that if you already have a slot-key, and you have set the PBKDF2 iteration count to 1 (it is > 10'000 normally), you could (maybe) derive a different passphrase that gives you the the same slot-key. But if you have the slot-key, you can already unlock the key-slot and get the master key, breaking everything. So basically, this SHA-1 vulnerability allows you to open a LUKS container with high effort when you already have it open.
    The real problem here is people that do not understand crypto and claim things are broken just because some mechanism is used that has been broken for a specific different use. The way the mechanism is used matters very much. A hash that is broken for one use can be completely secure for other uses and here it is.

  7. #7
    Join Date
    Jan 2015
    Beans
    6

    Re: Default Full Disk Encryption insecure? SHA1

    But all in all, the hardware gets faster every year, right?

    And how about the iterations? Sha1 uses a high iteration cound but the boot time is fast as f***. So Brute Force can easily be done, huh?

  8. #8
    Join Date
    Nov 2013
    Location
    On the edge
    Beans
    872
    Distro
    Ubuntu

    Re: Default Full Disk Encryption insecure? SHA1

    Quote Originally Posted by forever3 View Post
    But all in all, the hardware gets faster every year, right?

    And how about the iterations? Sha1 uses a high iteration cound but the boot time is fast as f***. So Brute Force can easily be done, huh?
    See this estimator that will tell you how long it would take to brute force a password of your length and complexity that uses raw sha1. http://calc.opensecurityresearch.comI chose a password of 10 characters with alphanumeric and symbols. It will currently take 11,000 years for continuous offline cracking, much longer for attempts directly on your machine.

    You can game it to see how much computing power an attacker needs to crack your password in a reasonable timeframe, then see if that kind of power exists today.

    Yes computers will improve but when they do just increase your password complexity. Done.

    edit: you said you're assuming the attacker will brute force it on your computer. If he does that then the speed is fixed: your computer can only allow new attempts in X seconds. It doesn't matter how fast computers get, it only matters how fast your computer is. And that won't change during an attack.
    Last edited by bashiergui; January 15th, 2015 at 06:50 AM. Reason: Upon further thought...
    Knock knock.
    Race condition.
    Who's there?

  9. #9
    Join Date
    Jan 2015
    Beans
    6

    Re: Default Full Disk Encryption insecure? SHA1

    I found this one:

    http://hideandhack.blogspot.de/2013/...ncryption.html

    Moreover: Sha256 should be much more secure, shouldn't it? I'd like to see a dropdown box where I can chose a Hash

  10. #10
    Join Date
    Nov 2011
    Location
    /dev/root
    Beans
    Hidden!

    Re: Default Full Disk Encryption insecure? SHA1

    Most people think that the security is good enough. You cannot expect them to improve it, but the source code is free, available for you to improve to satisfy what you want. You are welcome to do it

    It is also possible to search the internet for linux distros, that focus on security, for example Tails.

    Maybe you can find some valuable tips at the following link: https://wiki.ubuntu.com/BasicSecurity

Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •