On 11/14/2009 06:28 PM, Si St wrote: > A Question: > > Where is the encrypted MK located that decrypts the dm-encrypted partition? In the kesylot area (keyslot areas starts after that visible part of LUKS header), encrypted by the same cipher as data and obfuscated by algorithm described in LUKS specification http://code.google.com/p/cryptsetup/wiki/Specification > I believe to understand the point so far that the decrypted MK is never written to disk, only to the memory. yes, decrypted MK is never stored on disk, only used to set dm-crypt mapping using dm-ioctl. For LUKS, the MK itself is generated using random data, passphrase only unlocks the keyslot area where is the MK stored. To exact specification please read the LUKS documentation above. Milan -- mbroz@xxxxxxxxxx _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
