[Replicant] Modify iteration count for FDE

Denis 'GNUtoo' Carikli GNUtoo at cyberdimension.org
Tue Oct 20 21:17:14 UTC 2020


On Mon, 19 Oct 2020 21:24:52 +0000
Thomas Clarke <thomasc599 at protonmail.com> wrote:

> Greetings Replicant community,
> 
> As the encryption passphrase seems to be limited to a maximum of 16 
> characters. I'm curious to if there is any way to change the
> iteration count for when the passphrase is hashed.
I'm not familiar with how it works: while part of it seems standard
as it uses dm-crypt, another part (the dm-crypt parameters) seem to be
custom. Because of that, as far as I know, it's not possible to open
an encrypted data partition in GNU/Linux with standard tools like
cryptsetup, so you probably need custom tools for that.

As for changing the password, there is an f-droid application that
claims to be able to do that[1]. I didn't try it yet though.

Note that I didn't complete any review of f-droid applications for
potential freedom issues yet[2].

> If this is modifiable from a built system, where would I need to
> look? If it is required to be modified in the source, where would
> this modification need to be made?

References:
-----------
[1]https://f-droid.org/en/packages/com.kibab.android.EncPassChanger/
[2]I'm unsure if it's possible to build the same exact same apk
   (minus the signatures) from a GNU/Linux distribution that complies
   with The FSF/GNU's Free System Distribution Guidelines (FSDG).

Denis.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.osuosl.org/pipermail/replicant/attachments/20201020/d05334bd/attachment.asc>


More information about the Replicant mailing list