LUKS passphrase strength visible upon entering #2199
Comments
andrewdavidwong added the labels enhancement, C: desktop-linux, P: minor, UX on Jul 26, 2016
andrewdavidwong
Jul 26, 2016
Member
I assume the reason for the existing behavior is to give the user visual confirmation that additional passphrase characters are being entered (beyond what can fit in the box). Not having any form of visual feedback for the input of additional characters could be an accessibility concern.
It's not clear what the security significance of the "darker dots" issue is compared to having dots at all. An attacker who can see the screen while you enter your passphrase will be able to tell exactly how long your passphrase is either way. If your passphrase fits within the box, the attacker can count the number of dots. If the passphrase doesn't fit within the box because it's longer, then having the darker dots preserves the attacker's ability to count the dots. If this is a problem, then presumably we shouldn't have any visual indicator of passphrase length even (especially) for short passphrases that fit within the box.
In other words, it's strange to focus on the "darker dots" issue when the real problem (if it's even a problem, which I'm not sure it is) is having dots at all.
Roennie
Jul 26, 2016
Thank you for the feedback! Having done some additional research, I think that this is configured in plymouth? Thus, it should be configurable after installation?
I am not familiar at all with plymouth, but would the option to change this behavior during initial installation perhaps be an outcome? An opt-in, like "Hide the length of my passphrase during disk unlocking?". I might be able to work out a pull request for this issue, if desirable.
andrewdavidwong
Jul 26, 2016
Member
> I am not familiar at all with plymouth, but would the option to change this behavior during initial installation perhaps be an outcome? An opt-in, like "Hide the length of my passphrase during disk unlocking?".

@marmarek probably knows about this.

> I might be able to work out a pull request for this issue, if desirable.

A pull request would be great, though I'm not sure how much demand there is for this feature aside from you. :)
adrelanos
Jul 27, 2016
Member
Andrew David Wong:
> If this is a problem, then presumably we shouldn't have any visual indicator of passphrase length even (especially) for short passphrases that fit within the box.

I don't have a strong point and would just like to note that this influences UX. I witnessed lesser/common computer-literate people being greatly confused when there is no indicator in a password box when they type (such as the full disk encryption password at boot time of some operating systems).
andrewdavidwong
Jul 27, 2016
Member
I think Kerckhoffs' principle applies here. Allowing an attacker to learn the length of your passphrase should not decrease the security of your system. If the passphrase is short enough for brute forcing to be feasible, then concealing the length is just security through obscurity. If the passphrase is long enough for brute forcing to be unfeasible, then the attacker knowing the length doesn't aid the attacker, since brute forcing is still unfeasible.
andrewdavidwong
Jul 27, 2016
Member
(Not to mention that an attacker who can see your screen while you enter your masked passphrase could probably just look down at your hands to see which keys you're pressing.)
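The argument above can be put into numbers. The following is an added example, not part of this issue thread and not Qubes OS or plymouth code: it compares the brute-force search space an attacker faces when they know the exact passphrase length (by counting the dots on screen) against the space they face when they only know an upper bound on the length and must sweep every shorter length too. The alphabet sizes, the maximum lengths and the assumed rate of 500 LUKS unlock attempts per second are illustrative assumptions, not measurements.

```python
import math

# Added example, not from the issue thread. Quantifies how many bits of
# work an attacker saves by learning the exact passphrase length versus
# only knowing an upper bound on it. Alphabet sizes and rates are assumed.


def guesses_known_length(alphabet_size: int, length: int) -> int:
    """Candidates the attacker must try when the exact length is known."""
    return alphabet_size ** length


def guesses_unknown_length(alphabet_size: int, max_length: int) -> int:
    """Candidates when only an upper bound is known: the attacker has to
    sweep every length from 1 up to max_length, not just the longest."""
    return sum(alphabet_size ** k for k in range(1, max_length + 1))


def bits_leaked_by_length(alphabet_size: int, length: int) -> float:
    """Bits of search work removed by disclosing the exact length.
    log2 is taken on the big ints directly so long passphrases do not
    overflow a float before the ratio is formed."""
    hidden = guesses_unknown_length(alphabet_size, length)
    known = guesses_known_length(alphabet_size, length)
    return math.log2(hidden) - math.log2(known)


def max_bits_leaked(alphabet_size: int) -> float:
    """Closed-form upper bound on the leak for any length:
    sum_{k=1..L} a^k / a^L = sum_{j=0..L-1} a^-j < a / (a - 1)."""
    return math.log2(alphabet_size / (alphabet_size - 1))


def seconds_to_exhaust(guesses: int, guesses_per_second: float) -> float:
    """Worst-case time to try every candidate at a given unlock rate."""
    return guesses / guesses_per_second


if __name__ == "__main__":
    # Assumed rate: a few hundred key-slot trials per second on one machine,
    # since LUKS stretches every guess through a slow KDF before testing it.
    RATE = 500.0
    YEAR = 365.25 * 24 * 3600
    for alphabet, length in [(26, 8), (95, 8), (95, 20), (95, 40)]:
        leaked = bits_leaked_by_length(alphabet, length)
        hidden_s = seconds_to_exhaust(guesses_unknown_length(alphabet, length), RATE)
        known_s = seconds_to_exhaust(guesses_known_length(alphabet, length), RATE)
        print(
            f"alphabet={alphabet:3d} length={length:2d} "
            f"leaked={leaked:.4f} bits (bound {max_bits_leaked(alphabet):.4f}) "
            f"years: hidden-length={hidden_s / YEAR:.3g} "
            f"known-length={known_s / YEAR:.3g}"
        )
```

The bound in `max_bits_leaked` is the whole story: the longest length dominates the sum, so knowing the exact length instead of a maximum saves the attacker less than log2(a/(a-1)) bits, about 0.015 bits for 95 printable ASCII characters and about 0.06 bits even for lowercase-only passphrases. Hiding the dot count therefore multiplies attacker work by at most a factor of roughly 1.01; whether the passphrase is crackable is decided by its own entropy, which is the point the comment above makes.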
Roennie commented Jul 26, 2016 (edited)
Qubes OS version: R3.1
Affected TemplateVMs: N/A
Expected behavior:
No visual disclosure of the LUKS passphrase length if the used passphrase is longer than the 'input box'.
Actual behavior:
If a LUKS passphrase is used, longer than the 'input box' in the boot process, the remaining characters get darker 'dots' than the initial 'dots'.
Steps to reproduce the behavior:
Set a LUKS passphrase of 40 (?) characters, enter them on boot to unlock FDE.
General notes:
Perhaps an option to disable any visual passphrase length 'confirmation' would be an idea, without having to fall back to the text boot environment?
Related issues: