Re: The encrypted LUKS Master Key

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 11/14/2009 06:28 PM, Si St wrote:
> A Question:
> 
> Where is the encrypted MK located that decrypts the dm-encrypted partition?

In the kesylot area (keyslot areas starts after that visible part of LUKS header),
encrypted by the same cipher as data and obfuscated by algorithm
described in LUKS specification http://code.google.com/p/cryptsetup/wiki/Specification

> I believe to understand the point so far that the decrypted MK is never written to disk, only to the memory.
yes, decrypted MK is never stored on disk, only used to set dm-crypt mapping using dm-ioctl.

For LUKS, the MK itself is generated using random data, passphrase only unlocks the keyslot area
where is the MK stored.

To exact specification please read the LUKS documentation above.

Milan
--
mbroz@xxxxxxxxxx
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt

[Index of Archives]     [Device Mapper Devel]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux