On Fri, Jan 16, 2009 at 07:35:22PM +0100, Stefan X wrote: > Hi! > I forgot a password for an dm-crypt encrypted partition and would like > to try to break the encryption by brute force. Therefore I have some > questions. > > Are there incompatibilities between old dm-crypt and LUKS or is it > possible to mount an old partition which is encrypted with dm-crypt (no > LUKS!) in an up-to-date distributions? LUKS and dm-crypt are two different systems. However there may well support for dm-crypt in a modern sdistribution. > Tools like John the Ripper are great for cracking hashed passwords. Is > it possible to extract a hash out of a partition which can be used for > such attacks as John the Ripper do? If so, do you have any reference how > to execute this task? No. dm-crypt does not store a hashed password, encrypted or otherwise. It directly uses the hash of your passphrase as encryption key. If you still know what is on the partition, you may be able to at least do a known-plaintext attack, but the only thing you can use from John the Ripper is the password generation scheme. However, since you should have at least some idea what the password looks like, you would best adapt the password generation to that. > Otherwise, I would need to try to mount the partition with each > potential password which would be quite slow. Do you have any > suggestions how to speed up this process? Do cryptsetup and see whether the filesystem looks right using your own code. No mounting required. Even faster, read a sector with some known contents into memory and decrypt it there using the algorithm you used for dm-crypt (likely the default). No further disk access required. Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@xxxxxxxxxxx GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F ---- Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans If it's in the news, don't worry about it. The very definition of "news" is "something that hardly ever happens." -- Bruce Schneier --------------------------------------------------------------------- dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/ To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx For additional commands, e-mail: dm-crypt-help@xxxxxxxx
