Use of static salt with regard to mount passphrase and also file FEKs
Hi
Dustin and a few others know that I've recently written a paper about eCryptfs here in the UK. Having delivered a presentation on it today a question was asked about the use of static salt values.
As a consequence, I think (having already submitted it!) that I've made a mistake that I'd like to seek clarification on so that I can at least issue a corrective ammendment.
I stated that the FEKEK is the end result of a SHA512 hashing process (key strengthening) of the mount passphrase with a prepended RANDOM salt value. I then went on to say that the creation of each files unique FEK uses the static salt value of 0x0011223344556677 and that the FEK is generated by get_random_bytes().
I think that series of statements is partially incorrect in as much that the correct situation, is, I think, that the mount passphrase is in fact prepended with the static salt hex value of 0x0011223344556677 (not a random one) and that either no salt or a random salt value is used for the creation of each files FEK. In other words, visa versa to what I have stated. The static salt used with the mount passphrase is embedded in the cryptographic metadata of each seperate file.
As I'm not a C programmer, reading the source code to come to my own conclusions will surely result in further mis-understanding. If possible, would someone (Dustin perhaps?) be kind enough to provide a precise answer the above for me?
Lastly, regardless of where the static salt value is used, what is the thinking process behind using a static salt as opposed to a random one? Surely using a static (and known) salt cancels out any benefit to using a salt value at all? If it's known, it might as well not be used, hadn't it?
Many thanks
Ted
Question information
- Language:
- English Edit question
- Status:
- Solved
- For:
- eCryptfs Edit question
- Assignee:
- No assignee Edit question
- Solved by:
- Dustin Kirkland
- Solved:
- Last query:
- Last reply: