lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Thu, 26 Oct 2017 19:51:49 -0700
From:   Eric Biggers <ebiggers3@...il.com>
To:     "Grochowalski, Matthew (GE Aviation, US)" 
        <MatthewS.Grochowalski@...com>
Cc:     "linux-ext4@...r.kernel.org" <linux-ext4@...r.kernel.org>,
        Joe Richey <joerichey@...gle.com>
Subject: Re: e4crypt - Possible to Change Passphrase?

+Cc Joe Richey <joerichey@...gle.com>

Hi Matt,

On Thu, Oct 26, 2017 at 11:20:16PM +0000, Grochowalski, Matthew (GE Aviation, US) wrote:
> Is it possible to change the passphrase of a folder encrypted using e4crypt set_policy?

e4crypt doesn't support changing the passphrase because it derives the master
encryption key directly from the passphrase, rather than using the
passphrase-derived key to unwrap another key.

> I'm assuming I'd need to copy everything from one directory to another with a
> different policy then delete the originals,

That's fine as a workaround, although keep in mind you probably should delete
the originals with 'shred' so that the old ciphertext (which is protected only
by the old passphrase) is less likely to still exist on disk.

> use as a passphrase then encrypt that with the actual user passphrase?

Loosely speaking, that approach will work and is actually the proper way to
support passphrase changes.  However, implementing key derivation and key
wrapping yourself is error-prone; it's the type of thing that is very easy to
implement insecurely without knowing it.  I suggest using the "fscrypt" program
(https://github.com/google/fscrypt) which has implemented this already, with the
wrapped keys stored in a ".fscrypt" directory in the root directory of the
filesystem.  It also has many other advantages, such as PAM support, and also
working for f2fs and ubifs.  In the future I expect we'll be more aggressively
advertising fscrypt and documenting e4crypt (and f2fscrypt, which is e4crypt
copy+pasted into f2fs-tools) as deprecated.  You can ask Joe Richey, who is the
primary author of the fscrypt program, for more details.

Eric

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ