You will have to excuse me, I am not familiar with Newsgroups/Mailing lists/etc. I generally use forums, so this is all a bit new to me, sorry for the inconvenience.

> > LUKS would be potentially weaker, if the actual key(s) stored on
> > disk were weak. They are not and the passphrase is the limiting factor.
> > However the same is true for loop-AES. LUKS has the advantage
> > of using some techniques to make weak passwords harder to guess
> > though.
>

My loop-AES setup stores the 65 random keys in a container off disk, and is opened at boot time. The keys are extracted, and require a password, although it is not necessary, and these keys are then stored in memory. After this the off disk container is closed, so the keys are only accessible now from main memory (or swap which is encrypted). These 65 random keys are the master keys. They are never stored with the encrypted data.

LUKS will more than likely do the same thing every other password program does to make weak passwords difficult to guess; use a salt. I believe loop-AES uses a salt as well, so this doesn't seem any more advanced.

I know AES itself is rather secure until a weakness is found. What I want to know is how the key system works by dm-crypt. I did read the LUKS-on-disk-format document on the LUKS website, and if I read it correctly, the area that stores each encrypted master key is only 4 bytes long. This means that the effective master key length is only 4 bytes (32-bits). I am under the impression that the data stored here may be a pointer, but I'm still lost.

If I was to brute-force crack my loop-AES system, I would need to crack not 256-bits (which is the length of each key), but 256-bits times 64 keys, plus the IV. I would have a lot of work. I would have a lot of combinations. Following the README from loop-AES, I created 2925 bytes of random data to create my keys. Hence an attacker would need to perform 23400 different decryption attempts in order to find the right combination of keys and IV to break the system. In short, the system has been extended to have not 256-bits of entropy, but 23400-bits of entropy. (I hope I have not used entropy in the wrong context here).

If I need to go through that much to crack the encryption system under loop-AES, assuming the original keys are inaccessible in any way, what do I need to go through with dm-crypt to crack it, especially if I am using a USB stick with the system? If loop-AES used in this way is more secure than dm-crypt, then perhaps it may give the developers some ideas for later designs. I do understand that dm-crypt with LUKS is designed to be a lot more flexible with the types of algorithms it can use, but is it as secure?

Sorry it is so long-winded. I'm after the strongest in security, not ease of implementation or flexibility. I'll use any system that offers me that, just as long as it is quick enough. Public-Key disk encryption is out for this reason.

Thanks for your time,
Michael Cassaniti