1
My question in particular is:
Does using the same key multiple times ease bruteforcing the used keyfile or passphrase?
Thomas
Posted 2015-09-02T17:03:15.050
Reputation: 113
Is it safe to encrypt two different partitions with they same keyfile / passphrase?
Answers
2
LUKS's current default is AES-XTS. AES-XTS does not have significant chosen plain test attacks.
No it should not be an issue. The weak link is typically your password. Also for key generation consider using an option like PBKDF2 with SHA-512 with the highest number of iterations practical for you. This will increase the time needed to unlock. Try to make it a second or more instead of small fractions of a second. This makes it harder for the attacker to brute force test all possible keys. recommended-options-for-luks-cryptsetup
StackAbstraction
Posted 2015-09-02T17:03:15.050
Reputation: 782
1You understand that with LUKS that you aren't actually encrypting the volume with your passphrase, instead you are encrypting a block of data that actually has your volume key. – Zoredache – 2015-09-02T18:14:55.930