TIL the French government may have broken encryption on a LUKS-encrypted laptop with a “greater than 20 character” password in April 2023.
When upgrading TAILS today, I saw their announcement changing LUKS from PBKDF2 to Argon2id.
The release announcement above has some interesting back-of-the-envelope calculations for the wall-time required to crack a master key from a LUKS keyslot with PBKDF2 vs Argon2id.
And they also link to Matthew Garrett’s article, which describes how to manually upgrade your (non-TAILS) LUKS header to Argon2id.
The article is almost 70 days old, and Clemens Fruhwirth, one of the creators of LUKS, has responded:
It doesn’t seem like it’s such a big deal.
can you please link to the source with Fruhwirth’s response?
https://www.reddit.com/r/linux/comments/12q51ce/comment/jgpvsqc/?utm_source=share&utm_medium=web2x&context=3
Yep, a 10 Diceware word passphrase is just as secure as a 128-bit encryption key, even if only HKDF were used instead of a password-based KDF. Key stretching matters when you have weak passphrases, and even Argon2 only adds a few bits of effective entropy with reasonable difficulty factors.