Re: [PATCH 0/5] Support Argon2 KDF in LUKS2

[Daniel Kiper]

Adding Milan, Leif, Alex, Peter, Mathew and Vladimir.

On Thu, Feb 06, 2020 at 03:27:28PM +0100, Patrick Steinhardt wrote:
> Hi,
>
> as promised back when LUKS2 support was merged, here's the code that
> enables decrypting LUKS2 partitions that use Argon2 as their key derival
> function. Most of this is simple legwork, but I expect two things to be
> potentially controversial:
>
>     - I've changed how EFI allocates memory. On my test systems, I was
>       only able to allocate roughly 800MB, which isn't enough for the
>       default of 1GB memory parameter that cryptsetup uses with Argon2.
>       Instead of taking a quarter of available memory, we now take half
>       of it, which amounts to ~1.6GB on 32 bit systems.

That is huge for the bootloader. What about systems with less than 3 GiB of RAM?
Could we reduce amount of RAM required by Argon2?

>     - The import of Argon2 itself. I've imported code from the
>       cryptsetup project, but I've modified it quite a bit to fit into

Milan mentioned something about libgcrypt. Milan, when the Argon2 code
may land in libgcrypt?

>       GRUB's codebase. This included both stripping off unneeded
>       functionality as well as converting the code to use our own coding

Stripping unneeded functionality is OK. However, I think that it does
not make sense to convert coding style to the GRUB one. Especially if we
do not do that for other modules. So, I would leave coding style in
Argon2 module as is and save your precious minutes for something more
productive... ;-)

>       style. While it makes importing upstream fixes harder, I'd argue
>       the code is still very similar in its structure and thus
>       backporting should be easy enough.
>
> Anyway. With these changes I'm able to successfully decrypt LUKS2
> partitions making use of either PBKDF2, Argon2i or Argon2id.

I will take deeper dive into the code if we hammer out things listed above.

Daniel