Llewellyn/Tomb
1
0
Fork 0
mirror of https://github.com/Llewellynvdm/Tomb.git synced 2025-04-05 09:11:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

documentation updates

Browse Source
This commit is contained in:
Jaromil 2017-04-16 12:49:04 +02:00
parent 5de9cb32b9
commit f9dc9ed5a7
4 changed files with 56 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
AUTHORS.md
View File

@ -1,9 +1,11 @@
Cryptsetup is written by Christophe Saout and Clemens Fruhwirth. Cryptsetup was originally written in 2004 by Jana Saout
Tomb is written and directed by Denis Roio <jaromil@dyne.org> LUKS extensions are written in 2006 by Clemens Fruhwirth
Tomb is written and maintained since 2007 by Denis Roio <jaromil@dyne.org>
Tomb includes code and advices by Anathema, Boyska, Hellekin O. Wolf, Tomb includes code and advices by Anathema, Boyska, Hellekin O. Wolf,
GDrooid and Parazyd. Daniel Rodriguez, Parazyd and Alexandre Pujol.
The 'gtomb' minimal GUI is being written by Parazyd. The 'gtomb' minimal GUI is being written by Parazyd.
@ -14,15 +16,20 @@ Python Tomb wrappers are contributed by Reiven and Boyska.
Artwork is contributed by Jordi aka Mon Mort and Logan VanCuren. Artwork is contributed by Jordi aka Mon Mort and Logan VanCuren.
Gettext internationalization and Spanish translation is contributed by Gettext internationalization and Spanish translation is contributed by
GDrooid, French translation by Hellekin, Russian translation by fsLeg, Daniel Rodriguez. French translation by Hellekin and Roy Lockhart,
German translation by x3nu, Italian translation by Massimiliano Russian translation by fsLeg, German translation by Jerry Polfer,
Augello and Swedish translation by PLJ / Kosovoper. Italian translation by Massimiliano Augello and Swedish translation by
PLJ / Kosovoper.
Tomb received the attention and minor contributions of , Jim Turner
Testing, reviews and documentation contributed by Dreamer, Vlax, Testing, reviews and documentation contributed by Dreamer, Vlax,
Shining the Translucent, Mancausoft, Asbesto Molesto, Nignux, TheJH, Shining the Translucent, Mancausoft, Asbesto Molesto, Nignux, TheJH,
The Grugq, Reiven, GDrooid, Alphazo, Brian May, fsLeg, JoelMon, The Grugq, Reiven, GDrooid, Alphazo, Brian May, fsLeg, JoelMon,
Narrat, x3nu, Jim Turner, Maxime Arthaud, RobertMX, mhogomchungu Narrat, Jerry Polfer, Jim Turner, Maxime Arthaud, RobertMX,
and... the Linux Action Show! mhogomchungu Mandeep Bhutani, Emil Lundberg, Joel Montes de Oca, Armin
Mesbah, Arusekk, Stephan Schindel and... the Linux Action Show!
Tomb includes an implementation of the "Password-Based Key Derivation Tomb includes an implementation of the "Password-Based Key Derivation
Function v2" based on GCrypt and written by Anthony Thyssen. Function v2" based on GCrypt and written by Anthony Thyssen.

14
ChangeLog.md
View File

@ -1,5 +1,19 @@
# Tomb ChangeLog # Tomb ChangeLog
## 2.4
### April 2017
This release introduces a major new feature with support for
asymmetric encryption of Tomb keys using public/private GPG key
pairs. It is now possible to protect a Tomb key using a GPG key (which
can also be password-less for automations) as well encrypt a Tomb key
for multiple recipients (list of GPG ids). Other improvements include:
a fix to the 'slam' command with better detection of running programs
using 'lsof' (new optional dependency); a fix to 'forge' key creation
to really use 512 bits long keys to really trigger usage of AES256;
correct support for opening tombs in read-only mode; update of the
Tomber python wrapper in extras. Documentation has been updated.
## 2.3 ## 2.3
### January 2017 ### January 2017

24
KNOWN_BUGS.md
View File

@ -1,3 +1,27 @@
# Usage of AES128 due to shorter keysize
## 2.4
All tomb keys forged using Tomb version 2.3 or preceeding are 256 bits
large, which is insufficient to trigger usage of AES-256 encryption in
XTS mode, which is the default. Therefore all tombs locked using
smaller keys are silently encrypted using AES-128, according to the
cryptsetup manual:
> "By default a 256 bit key-size is used. Note however that XTS splits the supplied key in half, so to use AES-256 instead of AES-128 you have to set the XTS key-size to 512."
This problem has been noticed and corrected in Tomb version 2.4 where
now the 'forge' command will automatically generate 512 bits keys. To
switch to AES-256 encrypted tombs the only possibility is to create
new keys, new tombs and copy the contents across, since the LUKS
formatting occurs when the 'lock' command is issued using a new
key. Using 'setkey' to switch key does not suffice to switch to
AES-256.
This problem is minor and doesn't seem to heavily affect the security
of Tombs created before 2.4 as the cryptographic strenght of AES-128
and AES-256 is comparable; yet it is reasonable to think that larger
key sizes resist better to Quantum computing attacks.
# Vulnerability to password bruteforcing # Vulnerability to password bruteforcing
## Issue affecting keys used in steganography ## Issue affecting keys used in steganography

7
README.md
View File

@ -255,10 +255,9 @@ IRC on https://irc.dyne.org channel **#dyne** (or direct port 9999 SSL)
# Licensing # Licensing
Tomb is Copyright (C) 2007-2017 by the Dyne.org Foundation Tomb is Copyright (C) 2007-2017 by the Dyne.org Foundation and
maintained by Denis Roio <jaromil@dyne.org>. More information on all
More information on all the developers involved is found in the the developers involved is found in the [AUTHORS](AUTHORS.md) file.
[AUTHORS](AUTHORS.md) file.
This source code is free software; you can redistribute it and/or This source code is free software; you can redistribute it and/or
modify it under the terms of the GNU Public License as published by modify it under the terms of the GNU Public License as published by