From 7d496a6b69506efaae2aa4dc73b36a2b56ba8b85 Mon Sep 17 00:00:00 2001 From: Arno Wagner Date: Fri, 8 Jul 2011 20:38:30 +0000 Subject: [PATCH] added warning to only use the fiorst 128 ASCII cars to text version of the FAQ git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@564 36d66b0a-2a48-0410-832c-cd162a569da5 --- FAQ | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/FAQ b/FAQ index d3d1288..ef0c5d5 100644 --- a/FAQ +++ b/FAQ @@ -36,7 +36,17 @@ A. Contributors limitations imposed by the LUKS security model BEFORE you face such a disaster! - Specific warnings: + PASSPHRASES: Some people have had difficulties when upgrading + distributions. It is highly advisable to only use the 94 printable + characters from the first 128 characters of the ASCII table, as + they will always have the same binary representation. Other + characters may have different encoding depending on system + configuration and your passphrase will not work with a different + encoding. A table of the standardized first 128 ASCII caracters + can, e.g. be found on http://en.wikipedia.org/wiki/ASCII + + + * System Specific warnings - Ubuntu as of 4/2011: It seems the installer offers to create LUKS partitions in a way that several people mistook for an offer @@ -640,6 +650,11 @@ A. Contributors * Is LUKS secure with a low-entropy (bad) passphrase? + Note: You should only use the 94 printable characters from 7 bit + ASCII code to prevent your passphrase from failing when the + character encoding changes, e.g. because of a system upgrade, see + also the note at the very start of this FAQ under "WARNINGS". + This needs a bit of theory. The quality of your passphrase is directly related to its entropy (information theoretic, not thermodynamic). The entropy says how many bits of "uncertainty" or -- 2.7.4