"Fossies" - the Fresh Open Source Software Archive

Member "cryptsetup-2.4.3/docs/v2.0.4-ReleaseNotes" (24 Jul 2021, 5018 Bytes) of package /linux/misc/cryptsetup-2.4.3.tar.xz:


As a special service "Fossies" has tried to format the requested text file into HTML format (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file.

    1 Cryptsetup 2.0.4 Release Notes
    2 ==============================
    3 Stable bug-fix release with new features.
    4 
    5 Cryptsetup 2.x version introduces a new on-disk LUKS2 format.
    6 
    7 The legacy LUKS (referenced as LUKS1) will be fully supported
    8 forever as well as a traditional and fully backward compatible format.
    9 
   10 Please note that authenticated disk encryption, non-cryptographic
   11 data integrity protection (dm-integrity), use of Argon2 Password-Based
   12 Key Derivation Function and the LUKS2 on-disk format itself are new
   13 features and can contain some bugs.
   14 
   15 To provide all security features of authenticated encryption, we need
   16 a better nonce-reuse resistant algorithm in the kernel (see note below).
   17 For now, please use authenticated encryption as an experimental feature.
   18 
   19 Please do not use LUKS2 without properly configured backup or in
   20 production systems that need to be compatible with older systems.
   21 
   22 Changes since version 2.0.3
   23 ~~~~~~~~~~~~~~~~~~~~~~~~~~~
   24 
   25 * Use the libblkid (blockid) library to detect foreign signatures
   26   on a device before LUKS format and LUKS2 auto-recovery.
   27 
   28   This change fixes an unexpected recovery using the secondary
   29   LUKS2 header after a device was already overwritten with
   30   another format (filesystem or LVM physical volume).
   31 
   32   LUKS2 will not recreate a primary header if it detects a valid
   33   foreign signature. In this situation, a user must always
   34   use cryptsetup repair command for the recovery.
   35 
   36   Note that libcryptsetup and utilities are now linked to libblkid
   37   as a new dependence.
   38 
   39   To compile code without blockid support (strongly discouraged),
   40   use --disable-blkid configure switch.
   41 
   42 * Add prompt for format and repair actions in cryptsetup and
   43   integritysetup if foreign signatures are detected on the device
   44   through the blockid library.
   45 
   46   After the confirmation, all known signatures are then wiped as
   47   part of the format or repair procedure.
   48 
   49 * Print consistent verbose message about keyslot and token numbers.
   50   For keyslot actions: Key slot <number> unlocked/created/removed.
   51   For token actions: Token <number> created/removed.
   52 
   53 * Print error, if a non-existent token is tried to be removed.
   54 
   55 * Add support for LUKS2 token definition export and import.
   56 
   57   The token command now can export/import customized token JSON file
   58   directly from command line. See the man page for more details.
   59 
   60 * Add support for new dm-integrity superblock version 2.
   61 
   62 * Add an error message when nothing was read from a key file.
   63 
   64 * Update cryptsetup man pages, including --type option usage.
   65 
   66 * Add a snapshot of LUKS2 format specification to documentation
   67   and accordingly fix supported secondary header offsets.
   68 
   69 * Add bundled optimized Argon2 SSE (X86_64 platform) code.
   70 
   71   If the bundled Argon2 code is used and the new configure switch
   72   --enable-internal-sse-argon2 option is present, and compiler flags
   73   support required optimization, the code will try to use optimized
   74   and faster variant.
   75 
   76   Always use the shared library (--enable-libargon2) if possible.
   77 
   78   This option was added because an enterprise distribution
   79   rejected to support the shared Argon2 library and native support
   80   in generic cryptographic libraries is not ready yet.
   81 
   82 * Fix compilation with crypto backend for LibreSSL >= 2.7.0.
   83   LibreSSL introduced OpenSSL 1.1.x API functions, so compatibility
   84   wrapper must be commented out.
   85 
   86 * Fix on-disk header size calculation for LUKS2 format if a specific
   87   data alignment is requested. Until now, the code used default size
   88   that could be wrong for converted devices.
   89 
   90 Unfinished things & TODO for next releases
   91 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   92 * Authenticated encryption will use new algorithms from CAESAR competition
   93   https://competitions.cr.yp.to/caesar-submissions.html.
   94   We plan to use AEGIS and MORUS (in kernel 4.18), as CAESAR finalists.
   95 
   96   NOTE: Currently available authenticated modes (GCM, Chacha20-poly1305)
   97   in the kernel have too small 96-bit nonces that are problematic with
   98   randomly generated IVs (the collision probability is not negligible).
   99 
  100   For more info about LUKS2 authenticated encryption, please see our paper
  101   https://arxiv.org/abs/1807.00309
  102 
  103 * Authenticated encryption do not set encryption for a dm-integrity journal.
  104 
  105   While it does not influence data confidentiality or integrity protection,
  106   an attacker can get some more information from data journal or cause that
  107   system will corrupt sectors after journal replay. (That corruption will be
  108   detected though.)
  109 
  110 * There are examples of user-defined tokens inside misc/luks2_keyslot_example
  111   directory (like a simple external program that uses libssh to unlock LUKS2
  112   using remote keyfile).
  113 
  114 * The python binding (pycryptsetup) contains only basic functionality for LUKS1
  115   (it is not updated for new features) and will be REMOVED in version 2.1
  116   in favor of python bindings to the libblockdev library.
  117   See https://github.com/storaged-project/libblockdev/releases that
  118   already supports LUKS2 and VeraCrypt devices handling through libcryptsetup.
  119