Change in iterations counts:
* Fix key slot iteration count calculation (small -i value was the same as default).
* The slot and key digest iteration minimun is now 1000.
* The key digest iteration # is calculated from iteration time (approx 1/8 of that).
If something very strange happens, and the generated key is not completely random
(wrong RNG), attacker can skip the whole kesylot area processing and try to
brute force key according to limited set of keys.
The iteration time (default, inherited from slot iteration time, is cca 120ms)
can make this attack slower, if not impossible.
Note, that this is just theorethic problem, anyway it is better to be prepared
if possible:-)
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@159
36d66b0a-2a48-0410-832c-
cd162a569da5
projects / platform / upstream / cryptsetup.git / commit