diff options
Diffstat (limited to '')
-rw-r--r-- | docs/v1.6.0-ReleaseNotes | 261 |
1 files changed, 261 insertions, 0 deletions
diff --git a/docs/v1.6.0-ReleaseNotes b/docs/v1.6.0-ReleaseNotes new file mode 100644 index 0000000..8ee64a0 --- /dev/null +++ b/docs/v1.6.0-ReleaseNotes @@ -0,0 +1,261 @@ +Cryptsetup 1.6.0 Release Notes +============================== + +Changes since version 1.6.0-rc1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + + * Change LUKS default cipher to use XTS encryption mode, + aes-xts-plain64 (i.e. using AES128-XTS). + + XTS mode becomes standard in hard disk encryption. + + You can still use any old mode: + - compile cryptsetup with old default: + configure --with-luks1-cipher=aes --with-luks1-mode=cbc-essiv:sha256 --with-luks1-keybits=256 + - format LUKS device with old default: + cryptsetup luksFormat -c aes-cbc-essiv:sha256 -s 256 <device> + + + * Skip tests and fix error messages if running on old systems (or with old kernel). + + * Rename configure.in to configure.ac and fix issues with new automake and pkgconfig + and --disable-kernel_crypto option to allow compilation with old kernel headers. + + * Allow repair of 512 bits key header. + + * Fix status of device if path argument is used and fix double path prefix + for non-existent device path. + + +Changes since version 1.5.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Important changes +~~~~~~~~~~~~~~~~~ + + * Cryptsetup and libcryptsetup is now released under GPLv2+ + (GPL version 2 or any later). + Some internal code handling files (loopaes, verity, tcrypt + and crypto backend wrapper) are LGPLv2+. + + Previously code was GPL version 2 only. + + + * Introducing new unified command open and close. + + Example: + cryptsetup open --type plain|luks|loopaes|tcrypt <device> <name> + (type defaults to luks) + + with backward-compatible aliases plainOpen, luksOpen, loopaesOpen, + tcryptOpen. Basically "open --type xyz" has alias "xyzOpen". + + The "create" command (plain device create) is DEPRECATED but will + be still supported. + (This command is confusing because of switched arguments order.) + + The close command is generic command to remove mapping and have + backward compatible aliases (remove, luksClose, ...) which behaves + exactly the same. + + While all old syntax is still supported, I strongly suggest to use + new command syntax which is common for all device types (and possible + new formats added in future). + + + * cryptsetup now support directly TCRYPT (TrueCrypt and compatible tc-play) + on-disk format + (Code is independent implementation not related to original project). + + Only dump (tcryptDump command) and activation (open --type tcrypt or tcryptOpen) + of TCRYPT device are supported. No header changes are supported. + + It is intended to easily access containers shared with other operating systems + without need to install 3rd party software. For native Linux installations LUKS + is the preferred format. + + WARNING: TCRYPT extension requires kernel userspace crypto API to be + available (introduced in Linux kernel 2.6.38). + If you are configuring kernel yourself, enable "User-space interface + for symmetric key cipher algorithms" in "Cryptographic API" section + (CRYPTO_USER_API_SKCIPHER .config option). + + Because TCRYPT header is encrypted, you have to always provide valid + passphrase and keyfiles. Keyfiles are handled exactly the same as in original + format (basically, first 1MB of every keyfile is mixed using CRC32 into pool). + + Cryptsetup should recognize all TCRYPT header variants ever released, except + legacy cipher chains using LRW encryption mode with 64 bits encryption block + (namely Blowfish in LRW mode is not recognized, this is limitation of kernel + crypto API). + + Device activation is supported only for LRW/XTS modes (again, limitation + of kernel dmcrypt which do not implements TCRYPT extensions to CBC mode). + (So old containers cannot be activated, but you can use libcryptsetup + for lost password search, example of such code is included in misc directory.) + + Hidden header are supported using --tcrypt-hidden option, system encryption + using --tcrypt-system option. + + For detailed description see man page. + + EXAMPLE: + * Dump device parameters of container in file: + + # cryptsetup tcryptDump tst + Enter passphrase: + + TCRYPT header information for tst + Version: 5 + Driver req.: 7 + Sector size: 512 + MK offset: 131072 + PBKDF2 hash: sha512 + Cipher chain: serpent-twofish-aes + Cipher mode: xts-plain64 + MK bits: 1536 + + You can also dump master key using --dump-master-key. + Dump does not require superuser privilege. + + * Activation of this container + + # cryptsetup tcryptOpen tst tcrypt_dev + Enter passphrase: + (Chain of dmcrypt devices is activated as /dev/mapper/tcrypt_dev.) + + * See status of active TCRYPT device + + # cryptsetup status tcrypt_dev + + /dev/mapper/tcrypt_dev is active. + type: TCRYPT + cipher: serpent-twofish-aes-xts-plain64 + keysize: 1536 bits + device: /dev/loop0 + loop: /tmp/tst + offset: 256 sectors + size: 65024 sectors + skipped: 256 sectors + mode: read/write + + * And plaintext filesystem now ready to mount + + # blkid /dev/mapper/tcrypt_dev + /dev/mapper/tcrypt_dev: SEC_TYPE="msdos" UUID="9F33-2954" TYPE="vfat" + + + * Add (optional) support for lipwquality for new LUKS passwords. + + If password is entered through terminal (no keyfile specified) + and cryptsetup is compiled with --enable-pwquality, default + system pwquality settings are used to check password quality. + + You can always override this check by using new --force-password option. + + For more info about pwquality project see http://libpwquality.fedorahosted.org/ + + + * Proper handle interrupt signals (ctrl+c and TERM signal) in tools + + Code should now handle interrupt properly, release and explicitly wipe + in-memory key materials on interrupt. + (Direct users of libcryptsetup should always call crypt_free() when + code is interrupted to wipe all resources. There is no signal handling + in library, it is up to the tool using it.) + + + * Add new benchmark command + + The "benchmark" command now tries to benchmark PBKDF2 and some block + cipher variants. You can specify you own parameters (--cipher/--key-size + for block ciphers, --hash for PBKDF2). + + See man page for detailed description. + + WARNING: benchmark command requires kernel userspace crypto API to be + available (introduced in Linux kernel 2.6.38). + If you are configuring kernel yourself, enable "User-space interface + for symmetric key cipher algorithms" in "Cryptographic API" section + (CRYPTO_USER_API_SKCIPHER .config option). + + EXAMPLE: + # cryptsetup benchmark + # Tests are approximate using memory only (no storage IO). + PBKDF2-sha1 111077 iterations per second + PBKDF2-sha256 53718 iterations per second + PBKDF2-sha512 18832 iterations per second + PBKDF2-ripemd160 89775 iterations per second + PBKDF2-whirlpool 23918 iterations per second + # Algorithm | Key | Encryption | Decryption + aes-cbc 128b 212.0 MiB/s 428.0 MiB/s + serpent-cbc 128b 23.1 MiB/s 66.0 MiB/s + twofish-cbc 128b 46.1 MiB/s 50.5 MiB/s + aes-cbc 256b 163.0 MiB/s 350.0 MiB/s + serpent-cbc 256b 23.1 MiB/s 66.0 MiB/s + twofish-cbc 256b 47.0 MiB/s 50.0 MiB/s + aes-xts 256b 190.0 MiB/s 190.0 MiB/s + serpent-xts 256b 58.4 MiB/s 58.0 MiB/s + twofish-xts 256b 49.0 MiB/s 49.5 MiB/s + aes-xts 512b 175.0 MiB/s 175.0 MiB/s + serpent-xts 512b 59.0 MiB/s 58.0 MiB/s + twofish-xts 512b 48.5 MiB/s 49.5 MiB/s + + Or you can specify cipher yourself: + # cryptsetup benchmark --cipher cast5-cbc-essiv:sha256 -s 128 + # Tests are approximate using memory only (no storage IO). + # Algorithm | Key | Encryption | Decryption + cast5-cbc 128b 32.4 MiB/s 35.0 MiB/s + + WARNING: these tests do not use dmcrypt, only crypto API. + You have to benchmark the whole device stack and you can get completely + different results. But it is usable for basic comparison. + (Note for example AES-NI decryption optimization effect in example above.) + +Features +~~~~~~~~ + + * Do not maintain ChangeLog file anymore, see git log for detailed changes, + e.g. here http://code.google.com/p/cryptsetup/source/list + + * Move change key into library, add crypt_keyslot_change_by_passphrase(). + This change is useful mainly in FIPS mode, where we cannot + extract volume key directly from libcryptsetup. + + * Add verbose messages during reencryption. + + * Default LUKS PBKDF2 iteration time is now configurable. + + * Add simple cipher benchmarking API. + + * Add kernel skcipher backend. + + * Add CRC32 implementation (for TCRYPT). + + * Move PBKDF2 into crypto backend wrapper. + This allows use it in other formats, use library implementations and + also possible use of different KDF function in future. + + * New PBKDF2 benchmark using getrusage(). + +Fixes +~~~~~ + + * Avoid O_DIRECT open if underlying storage doesn't support it. + + * Fix some non-translated messages. + + * Fix regression in header backup (1.5.1) with container in file. + + * Fix blockwise read/write for end writes near end of device. + (was not used in previous versions) + + * Ignore setpriority failure. + + * Code changes to fix/ignore problems found by Coverity static analysis, including + - Get page size should never fail. + - Fix time of check/use (TOCTOU test) in tools + - Fix time of check/use in loop/wipe utils. + - Fix time of check/use in device utils. + + * Disallow header restore if context is non-LUKS device. |