From What users should know about Full Disk Encryption based on LUKS
In Linux world, LUKS implementations are based on cryptsetup and dm-crypt. In order to mitigate the problem of brute force attacks based on weak user passwords, LUKS combined the ideas of salt and key derivation function (i.e., PBKDF2). Because salt parameter is known and user password may be guessed, we focus on iteration counts and their ability to slow down a brute force attack as much as possible I can’t understand how can the usage of salt (when it is known as in this case) mitigate brute force attacks ? What am I missing ?
