Re: eCryptfs key wrapping help to crack user password

[Tyler Hicks <tyhicks () canonical com>]

[adding cve-assign to cc]

On 2015-02-10 16:49:19, Tyler Hicks wrote:
> On 2015-02-10 15:07:24, Sylvain Pelissier wrote:
> > Hi,
> >
> > I have noticed that ecryptfs-utils is the default program used by the
> > Ubuntu distributions for home folder encryption since version 10.04.
> > In this case, a wrapping key is generated from the user password
> > using the hash function SHA-512 applied 65536 times. By default, the
> > wrapping key is hashed with the default fixed salt
> > (0x0011223344556677) and stored in the a file.
> > This was already noticed in bug :
> > https://bugs.launchpad.net/ecryptfs/+bug/906550
> > For  Ubuntu installations time-memory trade-off (rainbow tables, etc.)
> > can apply, as well as bulk dictionary attacks to crack user passwords
> > of Ubuntu installations when the home folder encryption is activated.
> > I am currently working to correct this weakness.
>
> Thanks for reporting this issue, Sylvain.
>
> I have confirmed the analysis above and upstream ecryptfs-utils is
> working to correct the problem.
>
> Tyler

Attachment: signature.asc
Description: Digital signature