On Thu 2015-02-19 06:25:35 -0500, intrigeri wrote: > Hi, > > Daniel Kahn Gillmor wrote (18 Feb 2015 23:50:20 GMT) : >> On Wed 2015-02-18 16:24:51 -0500, goupille wrote: >>> iteration time: it is low for slow systems, and Tails is aimed to work >>> on relatively slow systems it should be increased > >> iteration time only has a cost during boot (persistence unlock). I >> agree that spending extra cycles at boot is worthwhile. > > Agreed. For the Live system use case, tuning the number of iterations > based on the speed of the machine where the LUKS device is initially > created doesn't make much sense. IMO, ideally we would fix the > iteration *count* ourselves. > > However, cryptsetup only supports setting the iteration *time* > (with --iter-time), so next step would be to ensure there's a wishlist > ticket in cryptsetup bug tracker to request a --iter-count or > similar option.
here's the upstream bugtracker (requires a google account to post a ticket): https://code.google.com/p/cryptsetup/issues/list the code looks pretty straightforward if someone wants to work on a patch. git clone https://code.google.com/p/cryptsetup/ and take a look at: lib/setup.c lib/luks1/keymanage.c lib/libcryptsetup.h src/cryptsetup.c --dkg _______________________________________________ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
