Subject: ATTENTION CGD(4) USERS - flag day changes coming
To: None <current-users@netbsd.org>
From: Daniel Carosone <dan@geek.com.au>
List: tech-security
Date: 03/12/2004 11:22:08

There are two (long-standing) issues with cgd(4), that require kernel
or configuration changes and possible user intervention to fix. The
fixes have been known for some time, but the need for a coordinated
flag day has delayed implementation. The changes need to happen soon -
before the 2.0 branch is made, so that compatibility issues don't span
any releases. (Once they are made, cgd could also be pulled up to the
1.6 branch, for the same reason).

1) The blowfish cipher has a key length mismatch between cgdconfig(8)
   and the kernel.

   This issue ONLY affects cgd users with the blowfish cipher; it does
   not affect the aes or 3des ciphers. It is a kernel change that
   will render your old cgd passphrase invalid with new kernels,
   unless special measures are taken.

2) There is an algorithm correctness fix for the pkcs5_pbkdf2 key
   generation method.

   This affects all cgd(4) users with password-based keys. The likely
   change will correct the algorithm under the existing name,
   and retain the existing code under a new name, eventually to be
   deprecated. Users would need to edit the cgd params file
   (/etc/cgd/foo) to change the name to the old one, or generate a new
   params file with an xor key for compatibility. This is entirely a
   userspace change in cgdconfig(4).

Please note that neither of these affects the encryption strength of
cgd, other than that mishandling the change could result in incorrect
key generation and unreadable disks. Hence this message to publicise
the need for user attention.

So far as I am aware, there are very few people actually using the
blowfish cipher with cgd. I would like to hear from all such users,
so we can coordinate the change and determine how much effort is
required for backwards compatibility. There are several ways to
provide compatibility, but they're not at all elegant, and we'd prefer
to avoid them if possible. If there are only a few users affected,
other means might be more appropriate.

Please respond to this mail ASAP if you use cgd with blowfish. Please
do so privately if it is just to add your name to the list of blowfish
users.

I intend that these changes would be made within the next week or two,
depending on time and number of respondees. Further notice will be
given before the change, and a kernel version bump will be made.

--
Dan.