[Bug 1263740] Re: 12.04.4 alternate installer encryption should default to aes-xts-plain64

Dimitri John Ledkov launchpad at surgut.co.uk
Wed Jan 22 12:03:24 UTC 2014 

** Description changed:

+ [Impact]
+ 
+  * Default LUKS encryption settings in the installer are proven to be susceptible to a malleability attack (targeted manipulation of encrypted data).
+  * Thus it is proposed to bump defaults to aes-xts-plain64 which is believe to not be affected by above attack.
+ 
+ [Test Case]
+ 
+  * Perform LUKS encrypted installation using d-i (text) based interface
+  * After installation verity that XTS has been used, and not CBC.
+ 
+ Here is the sample of _bad_ (CBC) output:
+ 
+ # cryptsetup luksDump /dev/sda5|grep Cipher
+ Cipher name:    aes
+ Cipher mode:    cbc-essiv:sha256
+ 
+ [Regression Potential]
+ 
+  *
+ 
+ [Other Info]
+ 
  12.04 LUKS encryption in the installer defaulted to CBC. We should
  switch 12.04.4 to aes-xts-plain64 as in 12.10 and above.
  
  See:
  http://www.jakoblell.com/blog/2013/12/22/practical-malleability-attack-against-cbc-encrypted-luks-partitions/

** Changed in: partman-crypto (Ubuntu Precise)
       Status: Confirmed => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to partman-crypto in Ubuntu.
https://bugs.launchpad.net/bugs/1263740

Title:
  12.04.4 alternate installer encryption should default to aes-xts-
  plain64

Status in “partman-crypto” package in Ubuntu:
  Fix Released
Status in “partman-crypto” source package in Precise:
  In Progress

Bug description:
  [Impact]

   * Default LUKS encryption settings in the installer are proven to be susceptible to a malleability attack (targeted manipulation of encrypted data).
   * Thus it is proposed to bump defaults to aes-xts-plain64 which is believe to not be affected by above attack.

  [Test Case]

   * Perform LUKS encrypted installation using d-i (text) based interface
   * After installation verity that XTS has been used, and not CBC.

  Here is the sample of _bad_ (CBC) output:

  # cryptsetup luksDump /dev/sda5|grep Cipher
  Cipher name:    aes
  Cipher mode:    cbc-essiv:sha256

  [Regression Potential]

   *

  [Other Info]

  12.04 LUKS encryption in the installer defaulted to CBC. We should
  switch 12.04.4 to aes-xts-plain64 as in 12.10 and above.

  See:
  http://www.jakoblell.com/blog/2013/12/22/practical-malleability-attack-against-cbc-encrypted-luks-partitions/

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/partman-crypto/+bug/1263740/+subscriptions

More information about the foundations-bugs mailing list