ecryptfs-add-passphrase hashing passphrase
Asked by
Michael Moreton
Looking at the source for ecryptfs-
This signature is then passed to the kernel key ring as the "description" parameter, and is also passed into the mount command. From the description of this parameter it's just a unique name, it doesn't have any security value.
So why not just generate a random value for this description? Making it a derivative of the passphrase just sounds like it's adding another attack vector, however unlikely. And hashing it can take a significant time on an low power platform. Is there something else going on here?
Question information
- Language:
- English Edit question
- Status:
- Expired
- Assignee:
- No assignee Edit question
- Last query:
- Last reply:
To post a message you must log in.