security/hakurei.app
security/hakurei.app
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 4 Wiki Activity

add information on separate passphrases

Browse Source
This commit is contained in:
Daniel Micay 2021-01-13 04:46:58 -05:00
parent cf2a1fea2c
commit 27481e6449
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
static/faq.html
View File

@ -338,7 +338,11 @@
only for managing other profiles. Using a secondary profile for regular usage only for managing other profiles. Using a secondary profile for regular usage
allows you to make use of the device without decrypting the data in your allows you to make use of the device without decrypting the data in your
regular usage profile. It also allows putting it at rest without rebooting the regular usage profile. It also allows putting it at rest without rebooting the
device.</p> device. Even if you use the same passphrase for multiple profiles, each of
those profiles still ends up with a unique key encryption key and a compromise
of the OS while one of them is active won't leak the passphrase. The advantage
to using separate passphrases is in case an attacker records you entering
it.</p>
<p>File data is encrypted with AES-256-XTS and file names with AES-256-CTS. A <p>File data is encrypted with AES-256-XTS and file names with AES-256-CTS. A
unique key is derived using HKDF-SHA512 for each regular file, directory and unique key is derived using HKDF-SHA512 for each regular file, directory and