"Fossies" - the Fresh Open Source Software Archive

Member "cryptsetup-2.4.3/docs/v2.0.6-ReleaseNotes" (24 Jul 2021, 4264 Bytes) of package /linux/misc/cryptsetup-2.4.3.tar.xz:


As a special service "Fossies" has tried to format the requested text file into HTML format (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file.

    1 Cryptsetup 2.0.6 Release Notes
    2 ==============================
    3 Stable bug-fix release.
    4 All users of cryptsetup 2.0.x should upgrade to this version.
    5 
    6 Cryptsetup 2.x version introduces a new on-disk LUKS2 format.
    7 
    8 The legacy LUKS (referenced as LUKS1) will be fully supported
    9 forever as well as a traditional and fully backward compatible format.
   10 
   11 Please note that authenticated disk encryption, non-cryptographic
   12 data integrity protection (dm-integrity), use of Argon2 Password-Based
   13 Key Derivation Function and the LUKS2 on-disk format itself are new
   14 features and can contain some bugs.
   15 
   16 Please do not use LUKS2 without properly configured backup or in
   17 production systems that need to be compatible with older systems.
   18 
   19 Changes since version 2.0.5
   20 ~~~~~~~~~~~~~~~~~~~~~~~~~~~
   21 
   22 * Fix support of larger metadata areas in LUKS2 header.
   23 
   24   This release properly supports all specified metadata areas, as documented
   25   in LUKS2 format description (see docs/on-disk-format-luks2.pdf in archive).
   26 
   27   Currently, only default metadata area size is used (in format or convert).
   28   Later cryptsetup versions will allow increasing this metadata area size.
   29 
   30 * If AEAD (authenticated encryption) is used, cryptsetup now tries to check
   31   if the requested AEAD algorithm with specified key size is available
   32   in kernel crypto API.
   33   This change avoids formatting a device that cannot be later activated.
   34 
   35   For this function, the kernel must be compiled with the
   36   CONFIG_CRYPTO_USER_API_AEAD option enabled.
   37   Note that kernel user crypto API options (CONFIG_CRYPTO_USER_API and
   38   CONFIG_CRYPTO_USER_API_SKCIPHER) are already mandatory for LUKS2.
   39 
   40 * Fix setting of integrity no-journal flag.
   41   Now you can store this flag to metadata using --persistent option.
   42 
   43 * Fix cryptsetup-reencrypt to not keep temporary reencryption headers
   44   if interrupted during initial password prompt.
   45 
   46 * Adds early check to plain and LUKS2 formats to disallow device format
   47   if device size is not aligned to requested sector size.
   48   Previously it was possible, and the device was rejected to activate by
   49   kernel later.
   50 
   51 * Fix checking of hash algorithms availability for PBKDF early.
   52   Previously LUKS2 format allowed non-existent hash algorithm with
   53   invalid keyslot preventing the device from activation.
   54 
   55 * Allow Adiantum cipher construction (a non-authenticated length-preserving
   56   fast encryption scheme), so it can be used both for data encryption and
   57   keyslot encryption in LUKS1/2 devices.
   58 
   59   For benchmark, use:
   60     # cryptsetup benchmark -c xchacha12,aes-adiantum
   61     # cryptsetup benchmark -c xchacha20,aes-adiantum
   62 
   63   For LUKS format:
   64     # cryptsetup luksFormat -c xchacha20,aes-adiantum-plain64 -s 256 <device>
   65 
   66   The support for Adiantum will be merged in Linux kernel 4.21.
   67   For more info see the paper https://eprint.iacr.org/2018/720.
   68 
   69 Unfinished things & TODO for next releases
   70 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   71 * Authenticated encryption should use new algorithms from CAESAR competition
   72   https://competitions.cr.yp.to/caesar-submissions.html.
   73   AEGIS and MORUS are already available in kernel 4.18.
   74 
   75   For more info about LUKS2 authenticated encryption, please see our paper
   76   https://arxiv.org/abs/1807.00309
   77 
   78   Please note that authenticated encryption is still an experimental feature
   79   and can have performance problems for high-speed devices and device
   80   with larger IO blocks (like RAID).
   81 
   82 * Authenticated encryption do not set encryption for a dm-integrity journal.
   83 
   84   While it does not influence data confidentiality or integrity protection,
   85   an attacker can get some more information from data journal or cause that
   86   system will corrupt sectors after journal replay. (That corruption will be
   87   detected though.)
   88 
   89 * There are examples of user-defined tokens inside misc/luks2_keyslot_example
   90   directory (like a simple external program that uses libssh to unlock LUKS2
   91   using remote keyfile).
   92 
   93 * The python binding (pycryptsetup) contains only basic functionality for LUKS1
   94   (it is not updated for new features) and will be REMOVED in version 2.1
   95   in favor of python bindings to the libblockdev library.
   96   See https://github.com/storaged-project/libblockdev/releases that
   97   already supports LUKS2 and VeraCrypt devices handling through libcryptsetup.