-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jonas Meurer wrote: > On 23/10/2009 Marcus Better wrote: >> Sorry, there is no difference whatsoever in this version. > > yes, there is. there's a small speed increase in processing > key/passphrase, and a huge speed increase for higher keyslots.
Well, let me rephrase that: "there is no difference whatsoever, perceptible to me, for my setup". I count wall clock time when the partitions are unlocked during boot, and it still takes around 5 seconds per partition. There might be a small increase but not enough to notice. It only happens to one of my laptops, they have similar hardware and I did not, to the best of my knowledge, tweak any LUKS parameters. Here is the luksDump info. Maybe the number of iterations is too high? Should I create a key with different parameters? ~# cryptsetup luksDump /dev/vg0/home LUKS header information for /dev/vg0/home Version: 1 Cipher name: aes Cipher mode: cbc-essiv:sha256 Hash spec: sha1 Payload offset: 2056 MK bits: 256 MK digest: eb cf 60 32 d9 b1 84 ff 92 3c e7 da ce b5 cf 33 c1 16 b9 d4 MK salt: ce 90 80 93 e3 d8 6c 3f a5 a9 83 cc 6e 2f d8 60 48 43 fe ab 66 c3 bc 65 50 72 b0 e2 66 64 e6 bc MK iterations: 10 UUID: ef49b938-cb47-412c-b441-b6940e6e69f3 Key Slot 0: ENABLED Iterations: 165980 Salt: a9 9d cf 1d 95 30 d6 c3 66 6c 7c f5 07 a4 2b c9 46 b1 ce 45 93 f6 59 63 3d 71 c8 a0 8c c0 18 42 Key material offset: 8 AF stripes: 4000 Key Slot 1: ENABLED Iterations: 435577 Salt: 4c 0e cf 30 06 3d 2e 85 09 e8 dc 90 4a 0f a7 bc f4 d6 1a 18 38 8f f0 17 5b 48 5d d7 02 fd 1b a8 Key material offset: 264 AF stripes: 4000 Key Slot 2: DISABLED Key Slot 3: DISABLED Key Slot 4: DISABLED Key Slot 5: DISABLED Key Slot 6: DISABLED Key Slot 7: DISABLED > no further improvement seems to be possible with current implementation > according to upstream. Well, I have plenty of cryptographic software and they do not take five seconds to decrypt a key. > i suggest to reclose the bug for that reason. tagging this bug as > wontfix doesn't seem appropriate to me. you could easily file bugs at > random packages claiming that the software is to slow for you. Trust me, when GnuPG or SSH start taking five seconds to unlock a key from a passphrase I will file bugs there too. Cheers, Marcus -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkrhmaMACgkQXjXn6TzcAQk3awCgtYfJdSIhDdhSCAeVsLNt/QDt qcIAoIAaKdQ0rAZ5NpwBMK70B0Nel8jS =xc+e -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org