|
From: | Ax333l |
Subject: | Re: PATCHES: argon2 key derivation for luks2 |
Date: | Sun, 12 Nov 2023 16:25:13 +0100 |
User-agent: | K-9 Mail for Android |
On Sun, Nov 05, 2023 at 01:40:57AM -0500, Oskari Pirhonen wrote:On Tue, Oct 31, 2023 at 14:57:58 +0100, Daniel Kiper wrote:Adding a few folks who were working on this...
On Tue, Oct 31, 2023 at 11:39:36AM +0000, Leah Rowe via Grub-devel wrote:i'm not sure if the grub devs have seen this or not. anyway, see
attached patches. i didn't make these myself but i'm sending them here.
it's the PHC (password hash competition) implementation of argon2,
adapted for the grub source code. i've been using this in libreboot and
it works very well, allows use of cryptomount on modern LUKS2 with
argon2 key deriv, so you don't need to downgrade to luks1 or pbkdf2
anymore. i wrote about it here: https://libreboot.org/news/argon2.html
one thing to note is that though the code is free software, it's a
permissive non-copyleft license; i still think grub should make use of
it, regardless. grub has lacked argon2 for years now, and re-writing it
will probably be a lot of wasted effort if the phc one works.
the phc implementation was originally adapted by someone named Axel, to
the archlinux aur for grub 2.06:
https://aur.archlinux.org/cgit/aur.git/tree/?h=grub-improved-luks2-git&id=1c7932d90f1f62d0fd5485c5eb8ad79fa4c2f50d
nicholas johnson (https://nicholasjohnson.ch/) contacted me telling me
he'd re-adapted the code for grub 2.12, on top of the rc1 tag. i then
started using it in libreboot's grub.
it would be nice if this could make it into the grub 2.12 release! the
patches are attached.
PS: the original PHC code is here:
https://github.com/P-H-C/phc-winner-argon2
It seems to me this is based on Patrick Steinhardt work. AFAICT Patrick
is going to repost new version of the patch set after the release. So,
I hope it will be included in the GRUB 2.14. We are not able to take this
patch set into upcoming release in this stage of development. Sorry
about that...
Patrick also mentioned that he'd prefer it if the bundled gcrypt was
updated to a version with Argon2 support rather than adapting the
reference implementation, but that it is "a _major_ effort". [1]
- Oskari
[1]: https://lore.kernel.org/grub-devel/Y3xs82f11kZSSi5I@ncase/
Indeed. I had several tries at updating the vendored libgcrypt, but
doing this is quite a frustrating experience to say the least. Every
time I started I eventually gave up.
So in the end I'm of two minds: yes, it would be great to pull in Argon2
via an updated libgcrypt instead of using the reference implementation.
But to be frank, I do not feel like I have the time or the motivation to
do the update myself given that it is such a huge task. So in the end,
we may just be pragmatic and use the reference implementation for the
time being until somebody steps up and does the update of libgcrypt.
I also wouldn't mind if somebody else wants to step up and build on top
of the work that I already did, but in that case I'd appreciate a
"Based-on-patch-by:" trailer in the commits. But if nobody does, and if
Daniel thinks that the reference implementation is okay for now, then I
will resubmit the patches once GRUB 2.12 is out of the door.
Patrick
[Prev in Thread] | Current Thread | [Next in Thread] |