Thanks, 3-david-o. That was useful information indeed.
The default iteration time for cryptsetup is 2 seconds. On my machine, for SHA512, this works out at 0.9 to 1.5 million iterations (depending, I suppose, on what was happening on the machine at the time).
If the decrypt time is, like yours, ten times slower, my decryption of roughly half a minute fits your observations.
I could allow the iteration time to be specified as part of the encryption script, although I worry that doing so would reduce security if people chose (as you have) just ½ second or even less.
Bookmarks