mirror of
https://github.com/Llewellynvdm/Tomb.git
synced 2024-11-25 22:27:34 +00:00
documentation updates
This commit is contained in:
parent
5de9cb32b9
commit
f9dc9ed5a7
23
AUTHORS.md
23
AUTHORS.md
@ -1,9 +1,11 @@
|
||||
Cryptsetup is written by Christophe Saout and Clemens Fruhwirth.
|
||||
Cryptsetup was originally written in 2004 by Jana Saout
|
||||
|
||||
Tomb is written and directed by Denis Roio <jaromil@dyne.org>
|
||||
LUKS extensions are written in 2006 by Clemens Fruhwirth
|
||||
|
||||
Tomb is written and maintained since 2007 by Denis Roio <jaromil@dyne.org>
|
||||
|
||||
Tomb includes code and advices by Anathema, Boyska, Hellekin O. Wolf,
|
||||
GDrooid and Parazyd.
|
||||
Daniel Rodriguez, Parazyd and Alexandre Pujol.
|
||||
|
||||
The 'gtomb' minimal GUI is being written by Parazyd.
|
||||
|
||||
@ -14,15 +16,20 @@ Python Tomb wrappers are contributed by Reiven and Boyska.
|
||||
Artwork is contributed by Jordi aka Mon Mort and Logan VanCuren.
|
||||
|
||||
Gettext internationalization and Spanish translation is contributed by
|
||||
GDrooid, French translation by Hellekin, Russian translation by fsLeg,
|
||||
German translation by x3nu, Italian translation by Massimiliano
|
||||
Augello and Swedish translation by PLJ / Kosovoper.
|
||||
Daniel Rodriguez. French translation by Hellekin and Roy Lockhart,
|
||||
Russian translation by fsLeg, German translation by Jerry Polfer,
|
||||
Italian translation by Massimiliano Augello and Swedish translation by
|
||||
PLJ / Kosovoper.
|
||||
|
||||
Tomb received the attention and minor contributions of , Jim Turner
|
||||
|
||||
|
||||
Testing, reviews and documentation contributed by Dreamer, Vlax,
|
||||
Shining the Translucent, Mancausoft, Asbesto Molesto, Nignux, TheJH,
|
||||
The Grugq, Reiven, GDrooid, Alphazo, Brian May, fsLeg, JoelMon,
|
||||
Narrat, x3nu, Jim Turner, Maxime Arthaud, RobertMX, mhogomchungu
|
||||
and... the Linux Action Show!
|
||||
Narrat, Jerry Polfer, Jim Turner, Maxime Arthaud, RobertMX,
|
||||
mhogomchungu Mandeep Bhutani, Emil Lundberg, Joel Montes de Oca, Armin
|
||||
Mesbah, Arusekk, Stephan Schindel and... the Linux Action Show!
|
||||
|
||||
Tomb includes an implementation of the "Password-Based Key Derivation
|
||||
Function v2" based on GCrypt and written by Anthony Thyssen.
|
||||
|
14
ChangeLog.md
14
ChangeLog.md
@ -1,5 +1,19 @@
|
||||
# Tomb ChangeLog
|
||||
|
||||
## 2.4
|
||||
### April 2017
|
||||
|
||||
This release introduces a major new feature with support for
|
||||
asymmetric encryption of Tomb keys using public/private GPG key
|
||||
pairs. It is now possible to protect a Tomb key using a GPG key (which
|
||||
can also be password-less for automations) as well encrypt a Tomb key
|
||||
for multiple recipients (list of GPG ids). Other improvements include:
|
||||
a fix to the 'slam' command with better detection of running programs
|
||||
using 'lsof' (new optional dependency); a fix to 'forge' key creation
|
||||
to really use 512 bits long keys to really trigger usage of AES256;
|
||||
correct support for opening tombs in read-only mode; update of the
|
||||
Tomber python wrapper in extras. Documentation has been updated.
|
||||
|
||||
## 2.3
|
||||
### January 2017
|
||||
|
||||
|
@ -1,3 +1,27 @@
|
||||
# Usage of AES128 due to shorter keysize
|
||||
## 2.4
|
||||
|
||||
All tomb keys forged using Tomb version 2.3 or preceeding are 256 bits
|
||||
large, which is insufficient to trigger usage of AES-256 encryption in
|
||||
XTS mode, which is the default. Therefore all tombs locked using
|
||||
smaller keys are silently encrypted using AES-128, according to the
|
||||
cryptsetup manual:
|
||||
> "By default a 256 bit key-size is used. Note however that XTS splits the supplied key in half, so to use AES-256 instead of AES-128 you have to set the XTS key-size to 512."
|
||||
|
||||
This problem has been noticed and corrected in Tomb version 2.4 where
|
||||
now the 'forge' command will automatically generate 512 bits keys. To
|
||||
switch to AES-256 encrypted tombs the only possibility is to create
|
||||
new keys, new tombs and copy the contents across, since the LUKS
|
||||
formatting occurs when the 'lock' command is issued using a new
|
||||
key. Using 'setkey' to switch key does not suffice to switch to
|
||||
AES-256.
|
||||
|
||||
This problem is minor and doesn't seem to heavily affect the security
|
||||
of Tombs created before 2.4 as the cryptographic strenght of AES-128
|
||||
and AES-256 is comparable; yet it is reasonable to think that larger
|
||||
key sizes resist better to Quantum computing attacks.
|
||||
|
||||
|
||||
# Vulnerability to password bruteforcing
|
||||
## Issue affecting keys used in steganography
|
||||
|
||||
|
@ -255,10 +255,9 @@ IRC on https://irc.dyne.org channel **#dyne** (or direct port 9999 SSL)
|
||||
|
||||
# Licensing
|
||||
|
||||
Tomb is Copyright (C) 2007-2017 by the Dyne.org Foundation
|
||||
|
||||
More information on all the developers involved is found in the
|
||||
[AUTHORS](AUTHORS.md) file.
|
||||
Tomb is Copyright (C) 2007-2017 by the Dyne.org Foundation and
|
||||
maintained by Denis Roio <jaromil@dyne.org>. More information on all
|
||||
the developers involved is found in the [AUTHORS](AUTHORS.md) file.
|
||||
|
||||
This source code is free software; you can redistribute it and/or
|
||||
modify it under the terms of the GNU Public License as published by
|
||||
|
Loading…
Reference in New Issue
Block a user