Hello, Attached you will find my explicit description of the problem I already posted to several news groups like this Message-ID <4543608.1EYhl2MHyX@xxxxxxxxxxxxxxxxxxxxx> without getting any ansers so far. I even wrote to the authors of the LRW kernel modules who told me to better ask the LUKS community... Regards, Massimo Burcheri --------------- Weitergeleitete Nachricht (Anfang) Betreff: Incompatible LRW changes from 2.6.27 to 2.6.29? Absender: Massimo Burcheri <massimo.burcheri@xxxxxx> Datum: Tue, 01 Sep 2009 16:49:30 +0200 Newsgruppe: comp.os.linux.development.system Hello, since 2.6.29 (especially patched linux-2.6.29-gentoo-r5) I cannot open a LUKS encrypted partition anymore. The same with 2.6.30. Under 2.6.27 it still works. By cryptsetup -c twofish or without -c option (that is AES by default) there are no problems with using encrypted partitions on both kernels. Therefore it could be related to the LRW option. My applied cipher is twofish-lrw-benbi:sha256. Kernel configuration on "Cryptographic API is unchanged from 2.6.27 to the more recent. I did some tests with LUKS-encrypted loop disks. There I noticed that this cipher is incompatible from 2.6.27 to 2.6.29/30. With both kernels I can format like this: ,---- | # cryptsetup luksFormat -c twofish-lrw-benbi:sha256 \ | -s 256 -h sha1 /dev/loop1 `---- But the resulting encrypted partition cannot be opened with the other kernel (neither from 27 to 29 nor from 29 to 27: /No key available with this passphrase./ Opening with the same kernel works. The LUKS headers of encryptions from the different kernels look identical: ,----[ # cryptsetup luksDump /dev/loop1 ] | LUKS header information for /dev/loop1 | | Version: 1 | Cipher name: twofish | Cipher mode: lrw-benbi:sha256 | Hash spec: sha1 | Payload offset: 2056 | MK bits: 256 | MK digest: 3a 10 55 b7 e9 51 bc 97 3c 8d 91 80 cb 1d 88 54 df b8 0e c9 | MK salt: ae 8d bf 92 31 cd e6 3a 77 c4 e8 02 61 62 b6 4e | 42 91 52 fb 3a 1b 42 8d b3 6c e9 83 b3 91 ec e9 | MK iterations: 10 | UUID: 06c85177-a209-4ebf-bbdc-50dc96ee6467 | | Key Slot 0: ENABLED | Iterations: 228229 | Salt: 4b d8 65 b6 a5 db 35 3f 92 d3 d6 b4 97 8a 63 5b | b1 a3 80 bd 33 90 56 63 d3 a0 f7 fd 44 3c a3 d4 | Key material offset: 8 | AF stripes: 4000 | Key Slot 1: DISABLED | Key Slot 2: DISABLED | Key Slot 3: DISABLED | Key Slot 4: DISABLED | Key Slot 5: DISABLED | Key Slot 6: DISABLED | Key Slot 7: DISABLED `---- cryptsetup version is 1.0.6-r2. Has someone noticed the same? Or is that a Gentoo Patch-set issue? From there I still got no answers [1]. Just as in the german group [2]. I will switch to newer (and better) XTS soon. Regards, Massimo References: [1] https://forums.gentoo.org/viewtopic-t-775793.html [2] <1781787.Dl8k9oMu2H@xxxxxxxxxxxxxxxxxxxxx> --------------- Weitergeleitete Nachricht (Ende) _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
