Cracking LUKS/dm-crypt passphrases

Maybe it goes without saying, but for this to work, your password must be bad to begin with. Or at least, the article does not point to any significant design weaknesses in LUKS; it instead documents a variety of ways to get passphrase-encrypted secrets into existing tools for bruteforcing passwords. The article suggests it is about backup or data recovery, but I think it is probably more interesting to people in the business of digital forensics.

I admit I didn&#x27;t read the entire article, I&#x27;ve been reading only the text around instances of argon and PBKDF, but:<p>can someone ELI5 how they do 882 hashes per second if PBKDF2 is set up to take 2 seconds, for example? What&#x27;s so broken about PBKDF2 that they get a &gt; 1000x speedup?

Sure. That&#x27;s why I wish I could do LUKS authentication via TPM, which can do hardware rate-limiting. Is this kind of setup possible these days?

Good luck with people like me. As ypu know, luks per default allows over 8 megabytes of key, so, i just make a dev&#x2F;urandom file that is up to the byte filling the top default keysize, which means a password of over 8 million characters, of which none or very few at best are found via the keyboard. I use at the minimum 8 million chars on all my luks devices. And I&#x27;ve set the key stretching to take above 15 mins to unlock, even with the right password, so good luck with John the ripper.

I peaked at some of the stats regarding his brute force attempt, but I couldn&#x27;t figure out how much progress he was making and whether a bf was actually feasible with LUKS. Is it something to be concerned about at this stage?