Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756681AbcK3I3z (ORCPT ); Wed, 30 Nov 2016 03:29:55 -0500 Received: from b.ns.miles-group.at ([95.130.255.144]:44724 "EHLO radon.swed.at" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1753042AbcK3I3q (ORCPT ); Wed, 30 Nov 2016 03:29:46 -0500 Subject: Re: Idea behind EXT4_IOC_GET_ENCRYPTION_PWSALT? To: Joe Richey References: Cc: linux-fsdevel , "linux-kernel@vger.kernel.org" , Ext4 Developers List , Michael Halcrow , "Theodore Ts'o" , muslukhovi@gmail.com, David Gstir From: Richard Weinberger Message-ID: <9c61d812-9ec8-006d-bf24-775879678865@nod.at> Date: Wed, 30 Nov 2016 09:29:40 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.2 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 594 Lines: 19 Joe, On 30.11.2016 01:44, Joe Richey wrote: > Richard, > > Our current design for fscrypt (tentative name for the userspace > filesystem encryption manager) does not use the global filesystem salt > (EXT4_IOC_GET_ENCRYPTION_PWSALT), we are planning on having a > different salt for each password used in the system. We are using > planning on using Argon2id as the password stretching algorithm, so > we'll have costs for memory, time, and parallelism stored for each > password as well as a salt. Makes sense. So, for now I'll not implement this ioctl command in UBIFS. Thanks, //richard