"Fossies" - the Fresh Open Source Software Archive

Member "cryptsetup-2.4.3/docs/v2.0.5-ReleaseNotes" (24 Jul 2021, 4407 Bytes) of package /linux/misc/cryptsetup-2.4.3.tar.xz:


As a special service "Fossies" has tried to format the requested text file into HTML format (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file.

    1 Cryptsetup 2.0.5 Release Notes
    2 ==============================
    3 Stable bug-fix release with new features.
    4 
    5 Cryptsetup 2.x version introduces a new on-disk LUKS2 format.
    6 
    7 The legacy LUKS (referenced as LUKS1) will be fully supported
    8 forever as well as a traditional and fully backward compatible format.
    9 
   10 Please note that authenticated disk encryption, non-cryptographic
   11 data integrity protection (dm-integrity), use of Argon2 Password-Based
   12 Key Derivation Function and the LUKS2 on-disk format itself are new
   13 features and can contain some bugs.
   14 
   15 Please do not use LUKS2 without properly configured backup or in
   16 production systems that need to be compatible with older systems.
   17 
   18 Changes since version 2.0.4
   19 ~~~~~~~~~~~~~~~~~~~~~~~~~~~
   20 
   21 * Wipe full header areas (including unused) during LUKS format.
   22 
   23   Since this version, the whole area up to the data offset is zeroed,
   24   and subsequently, all keyslots areas are wiped with random data.
   25   This ensures that no remaining old data remains in the LUKS header
   26   areas, but it could slow down format operation on some devices.
   27   Previously only first 4k (or 32k for LUKS2) and the used keyslot
   28   was overwritten in the format operation.
   29 
   30 * Several fixes to error messages that were unintentionally replaced
   31   in previous versions with a silent exit code.
   32   More descriptive error messages were added, including error
   33   messages if
   34    - a device is unusable (not a block device, no access, etc.),
   35    - a LUKS device is not detected,
   36    - LUKS header load code detects unsupported version,
   37    - a keyslot decryption fails (also happens in the cipher check),
   38    - converting an inactive keyslot.
   39 
   40 * Device activation fails if data area overlaps with LUKS header.
   41 
   42 * Code now uses explicit_bzero to wipe memory if available
   43   (instead of own implementation).
   44 
   45 * Additional VeraCrypt modes are now supported, including Camellia
   46   and Kuznyechik symmetric ciphers (and cipher chains) and Streebog
   47   hash function. These were introduced in a recent VeraCrypt upstream.
   48 
   49   Note that Kuznyechik requires out-of-tree kernel module and
   50   Streebog hash function is available only with the gcrypt cryptographic
   51   backend for now.
   52 
   53 * Fixes static build for integritysetup if the pwquality library is used.
   54 
   55 * Allows passphrase change for unbound keyslots.
   56 
   57 * Fixes removed keyslot number in verbose message for luksKillSlot,
   58   luksRemoveKey and erase command.
   59 
   60 * Adds blkid scan when attempting to open a plain device and warn the user
   61   about existing device signatures in a ciphertext device.
   62 
   63 * Remove LUKS header signature if luksFormat fails to add the first keyslot.
   64 
   65 * Remove O_SYNC from device open and use fsync() to speed up
   66   wipe operation considerably.
   67 
   68 * Create --master-key-file in luksDump and fail if the file already exists.
   69 
   70 * Fixes a bug when LUKS2 authenticated encryption with a detached header
   71   wiped the header device instead of dm-integrity data device area (causing
   72   unnecessary LUKS2 header auto recovery).
   73 
   74 Unfinished things & TODO for next releases
   75 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   76 * Authenticated encryption should use new algorithms from CAESAR competition
   77   https://competitions.cr.yp.to/caesar-submissions.html.
   78   AEGIS and MORUS are already available in kernel 4.18.
   79 
   80   For more info about LUKS2 authenticated encryption, please see our paper
   81   https://arxiv.org/abs/1807.00309
   82 
   83   Please note that authenticated encryption is still an experimental feature
   84   and can have performance problems for hish-speed devices and device
   85   with larger IO blocks (like RAID).
   86 
   87 * Authenticated encryption do not set encryption for a dm-integrity journal.
   88 
   89   While it does not influence data confidentiality or integrity protection,
   90   an attacker can get some more information from data journal or cause that
   91   system will corrupt sectors after journal replay. (That corruption will be
   92   detected though.)
   93 
   94 * There are examples of user-defined tokens inside misc/luks2_keyslot_example
   95   directory (like a simple external program that uses libssh to unlock LUKS2
   96   using remote keyfile).
   97 
   98 * The python binding (pycryptsetup) contains only basic functionality for LUKS1
   99   (it is not updated for new features) and will be REMOVED in version 2.1
  100   in favor of python bindings to the libblockdev library.
  101   See https://github.com/storaged-project/libblockdev/releases that
  102   already supports LUKS2 and VeraCrypt devices handling through libcryptsetup.