Skip to content

Increased maximal memory cost for agron2 PBKDF to 4TiB (previsouly 4GiB)

Cyprien AUGIER requested to merge (removed):master into master

Previously, cryptsetup luksFormat would refuse to format a drive with a --pbkdf-memory > 4194304 (4GiB).

But, according to the draft RFC, the default should be 6GiB. I agree with the FAQ, this is waaay too much. But, if someone want to conform with that, or do PBKDF with more the 4GiB of memory for any reasons (typically high risk of very weak user passphrase), this is currently not permitted.

This is only a 1-line change, and even if the draft RFC were to change, having the possibility to use any amount of memory (up to UINT32_MAX KiB) would be a great feature.

By the way, I think that the following related features could be great, tell me if you'd want me to make a Merge Request for them:

  • Warn the user if, after benchmarking, the retained memory parameter < --pbkdf-memory (when --pbkdf-memory is specified).
  • Add a --pbkdf-min-memory which would be the minimum memory requirement for the PBKDF, even if that implies a longer PBKDF time than --iter-time (and maybe warn the user if it occurs)
  • Rename --pbkdf-mermory to --pbkdf-max-memory to reduce confusion (or add an alias to keep backward compatibility)
  • Do the same for --pbkdf-parallel (you may want to format a LUKS partition on a 1-thread machine, but use it with a 4/8/...-thread machine)

Merge request reports