From nobody Wed Apr 19 09:47:47 2023 X-Original-To: freebsd-security@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Q1bYy6hN9z45FgV for ; Wed, 19 Apr 2023 09:47:50 +0000 (UTC) (envelope-from infoomatic@gmx.at) Received: from mout.gmx.net (mout.gmx.net [212.227.15.15]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mout.gmx.net", Issuer "Telekom Security ServerID OV Class 2 CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Q1bYx6flwz3G5x for ; Wed, 19 Apr 2023 09:47:49 +0000 (UTC) (envelope-from infoomatic@gmx.at) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmx.at header.s=s31663417 header.b=froKBQcc; spf=pass (mx1.freebsd.org: domain of infoomatic@gmx.at designates 212.227.15.15 as permitted sender) smtp.mailfrom=infoomatic@gmx.at; dmarc=pass (policy=none) header.from=gmx.at DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.at; s=s31663417; t=1681897668; i=infoomatic@gmx.at; bh=nPwch4cw5IYgzhY7kV3ZMw6qKfl/rC6O/ygv0HGm6MM=; h=X-UI-Sender-Class:Date:To:From:Subject; b=froKBQccuWh4yjU8lNUdMjfDgQ6dM4j0r6Jf1EeyDrYoWcyiJp+k5m9pn9EWmXOw+ C98gwkHmQJmpmrythOxLUjEW2W0zZc90iH/mn4xmk3K6JR3QFjyZaF1n10jmyTDkQh 1AKz+eCDVvphs27UTsJstz7OsawbA5te9p8N/DVz6RU5azi8/w3Wf9B1DQ/wU+yOor BwOPbzzprCuLRsxqMYkRWsArRT+kbcjaHziEYQn4lWQCNWdO9UiOoqJDcVPGpNvZzy FZOI1D1t9xQR4hPdI1nvGwfos9JTdZ9n+PklEfCjcm63CaCN3nJsWGxhIsXfS2iRDn 0IxHfhil0U+8g== X-UI-Sender-Class: 724b4f7f-cbec-4199-ad4e-598c01a50d3a Received: from [10.0.1.209] ([178.114.231.241]) by mail.gmx.net (mrgmx004 [212.227.17.190]) with ESMTPSA (Nemesis) id 1N3se2-1qWxnv3vTE-00zkcJ for ; Wed, 19 Apr 2023 11:47:48 +0200 Message-ID: Date: Wed, 19 Apr 2023 11:47:47 +0200 List-Id: Security issues List-Archive: https://lists.freebsd.org/archives/freebsd-security List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-security@freebsd.org X-BeenThere: freebsd-security@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:102.0) Gecko/20100101 Thunderbird/102.10.0 To: freebsd-security@FreeBSD.org Content-Language: en-US From: infoomatic Subject: geli key derivation function Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable X-Provags-ID: V03:K1:zE60TakeaDb/b1HXEsoSusZVaD4ydB6wP+cg9L+hnUFrIBGV3uh VfBBA5M/rM7pcm7gLpNz3eg0MPz/huc5GvXc8H5uoTDU5Pf5HygE5gRX27hF+A8llV1Q0Sa linZb3rPbiz1m78M+d0E0dGjJ0+GIEFXCkZJJPqunr6484EXI2BGMiltH0PaDeT56Gz9MAd XKFyEFOyPPyctgL3Y61cQ== X-Spam-Flag: NO UI-OutboundReport: notjunk:1;M01:P0:rm27zeLDVo4=;GHvqFTgC4gOGizfZVc4PmHkRY2w 3VentAnFaKMXVgYLiWZQFc6lyGhaRbeaPM2LEpzfPjPXkin2uALqg6PwEYcERhlvjAXuQTDn3 Im4z4OvEOjH1BZU0gxbbEufs7feGGhX0LVec+DTN74+YZtXXs8TyfSgoQw/NevnGvxQa3sn65 GFgRXHTcCr2uLszPh22aqyCH79X69f2+z7yzqg+5CmlamLpFMTSq9jAJaBPtUVMGmqaTkjpmm MbUFL0VfjdoA8UGsBexkgh82Ey3AplA267AzB4KdoMotS9gyPYP9v1YJrOYAQd0PV3zWrTwAb MoAhWXLoKIL+qG+zaMoWkJTmyJpAfsWWURzfBT/Slb6vKenGMZFFs4lXUlB9DNojKEYm3RiAO kAy8RTHvhSeGP8VYYtNqbtcMU7ntT+FNm28fVwT6TF289p4yaBY0h+Q7q3EzseWcZhAIy/arl bh1iwcy5CrnVnyAohvSP8BmNKBVtLkjgtdmSK3DCcE8DKLSjNkj2BB08LZExjMN9Y1mP9tTvD UQX88iJQe6mpiLr5YmuJSZ/jaIW2t9xDTzfxKlO7kIxE3vvVWwlx/QNXwHE17sl5UvH8Qy8M4 EuhHTDA0rHC/jwN50ItBBeGJtFiDwPhlHE3D3T6kp0VgtCGVQqy+RSr0VE/t6w1fsYE3c04ml /Dbb/naHcESL5LZqjUmUaXSca5hVxJLCHqvjBTeo/BtKnbU2DlCq8oEX0et6T9+YZDuERGb9/ mRUQazpdlA032uWiROgYtJEBn6e7fgvFSVZbe39iUKJt0csl8G/QnkqP8G3nYc7PrbehI7ffx e5kQLylM6YDEA/jKgafJUQDbU6XRjj0doGfNd27k8zMYyJF52IaMhGikDNddstEVSsYMYuIq7 LS1C4OR+LocSv8bhXPiGTFWRKRlScmCTVWUCJ2AyFcTSKf4uVft4Zym5MIaDLi9RjzqtHEFTs +rcAiJpD6U/vTt/Tu5rLXiFgZ6w= X-Spamd-Result: default: False [-4.10 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-0.999]; DMARC_POLICY_ALLOW(-0.50)[gmx.at,none]; R_DKIM_ALLOW(-0.20)[gmx.at:s=s31663417]; R_SPF_ALLOW(-0.20)[+ip4:212.227.15.0/25:c]; RCVD_IN_DNSWL_LOW(-0.10)[212.227.15.15:from]; MIME_GOOD(-0.10)[text/plain]; RCPT_COUNT_ONE(0.00)[1]; FROM_HAS_DN(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-security@freebsd.org]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RWL_MAILSPIKE_POSSIBLE(0.00)[212.227.15.15:from]; MLMMJ_DEST(0.00)[freebsd-security@FreeBSD.org]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; DKIM_TRACE(0.00)[gmx.at:+]; TO_DN_NONE(0.00)[]; FREEMAIL_FROM(0.00)[gmx.at]; ARC_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmx.at]; MIME_TRACE(0.00)[0:+]; MID_RHS_MATCH_FROM(0.00)[]; ASN(0.00)[asn:8560, ipnet:212.227.0.0/16, country:DE]; RCVD_TLS_ALL(0.00)[] X-Rspamd-Queue-Id: 4Q1bYx6flwz3G5x X-Spamd-Bar: ---- X-ThisMailContainsUnwantedMimeParts: N Hi, After reading [1] I would like to approach the developers to improve gelis KDF. Currently PKCS#5 is used (RFC 2898 from the year 2000), it would great if some developers agree that this could be improved and hopefully they have time to implement this. What is the best way to make this kind of feature request? Regards, Robert [1] https://mjg59.dreamwidth.org/66429.html