Well, Milan pointed you at the specification, you might want to read it, I
quote:

"To wipe the sectors containing the key material, start from the sector as
recorded in key slot's key-material-offset field, and proceed for
phdr.key-bytes * ks.stripes bytes."

There's complete pseudocode how to retrieve the MK from the keymaterial, you
just need to read it.

Regards

-Sven

On Sat, November 14, 2009 22:21, Si St wrote:
> I have studied the different docu derived directly and linkwise indirectly
> from Clemens Fruhwirth page.
>
> Now,
>
> Assuming that the area 0x1000 was the area for the encrypted
> masterkey, I notice that it is quite a bulk of material there. How much of
> this area is the actual encr.MasterKey? The MK comprises 128 bits. The eMK
> seems to comprise 0x1000-0x10a00 area for Bytes. So far info from the use
> of /usr/bin/xxd.
>
> Is all of this the eMK or only a part of it? If only a part of it, what
> else is this area containing?
>
> It is an usb-stick all is about here. At the end of the block area
> information like this comes out, that for sure do not belong to the
> encrypted key material:
>
> 0000 0000 d738 2d4a 9736 324a .........8-J.62J
> 0010a10: 9736 324a 9736 324a 6400 0000 0000 0000 .62J.62Jd.......
>
>
> To make it easy for you, you could just tell me the exact number of bytes
> the eMK area should contain. There might be junk on my usb-stick from
> former mkfs.ext2 that was not zeroed out before the luksFormat. I find
> lost+found markings after the dd, (just to have said that), that is why I
> ask about the size of the eMK area.
>
> Hope I am not making things too difficult for you. You are all nice guys.
>
> SS
> -------------------------------------------------------
>> ----- Original Message -----
>> From: "Milan Broz" <mbroz@xxxxxxxxxx>
>> To: dm-crypt@xxxxxxxx
>> Subject: Re: The encrypted LUKS Master Key
>> Date: Sat, 14 Nov 2009 19:22:01 +0100
>>
>>
>> On 11/14/2009 06:28 PM, Si St wrote:
>> > A Question:
>> >
>> > Where is the encrypted MK located that decrypts the dm-encrypted
>> > partition?
>>
>> In the keyslot area (keyslot area starts after that visible part
>> of LUKS header),
>> encrypted by the same cipher as data and obfuscated by algorithm
>> described in LUKS specification
>> http://code.google.com/p/cryptsetup/wiki/Specification
>>
>> > I believe to understand the point so far that the decrypted MK is
>> > never written to disk, only to the memory.
>> yes, decrypted MK is never stored on disk, only used to set
>> dm-crypt mapping using dm-ioctl.
>>
>> For LUKS, the MK itself is generated using random data, passphrase
>> only unlocks the keyslot area
>> where the MK is stored.
>>
>> For the exact specification please read the LUKS documentation above.
>>
>> Milan
>> --
>> mbroz@xxxxxxxxxx
>> _______________________________________________
>> dm-crypt mailing list
>> dm-crypt@xxxxxxxx
>> http://www.saout.de/mailman/listinfo/dm-crypt
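
An added example (not part of the thread and not cryptsetup's code): the rule quoted from the specification, key-material-offset plus phdr.key-bytes * ks.stripes bytes, applied to a LUKS1 header. The header bytes are constructed; sector 8, 4000 stripes and the cipher strings are assumed values, and with the 128-bit MK from the question they give the 0x1000-0x10a00 range mentioned above.

```python
import struct

SECTOR = 512                                       # LUKS1 offsets are counted in 512-byte sectors
PHDR = struct.Struct(">6sH32s32s32sII20s32sI40s")  # LUKS1 phdr fields that precede the key slots
SLOT = struct.Struct(">II32sII")                   # active, iterations, salt, km-offset, stripes
ACTIVE, DISABLED = 0x00AC71F3, 0x0000DEAD          # key slot state markers

def keyslot_areas(header: bytes):
    """Return [(slot, start_byte, end_byte)] for each active slot; end is exclusive."""
    if len(header) < PHDR.size + 8 * SLOT.size:
        raise ValueError("truncated LUKS1 header")
    fields = PHDR.unpack_from(header)
    if fields[0] != b"LUKS\xba\xbe" or fields[1] != 1:
        raise ValueError("not a LUKS1 header")
    key_bytes = fields[6]                          # phdr.key-bytes: MK length in bytes
    areas = []
    for n in range(8):
        active, _iters, _salt, km_offset, stripes = SLOT.unpack_from(
            header, PHDR.size + n * SLOT.size)
        if active != ACTIVE:
            continue                               # unused slots hold no key material
        start = km_offset * SECTOR
        # AF-split key material: key-bytes * stripes bytes from the slot's offset
        areas.append((n, start, start + key_bytes * stripes))
    return areas

def sample_header() -> bytes:
    """Constructed header: 16-byte MK, slot 0 active at sector 8 with 4000 stripes."""
    hdr = PHDR.pack(b"LUKS\xba\xbe", 1, b"aes", b"cbc-essiv:sha256", b"sha1",
                    1032, 16, bytes(20), bytes(32), 10, b"constructed-uuid")
    hdr += SLOT.pack(ACTIVE, 1000, bytes(32), 8, 4000)
    for n in range(1, 8):                          # remaining slots disabled
        hdr += SLOT.pack(DISABLED, 0, bytes(32), 8 + 128 * n, 4000)
    return hdr

if __name__ == "__main__":
    for n, start, end in keyslot_areas(sample_header()):
        print(f"slot {n}: {start:#x}-{end:#x} ({end - start} bytes)")
```

Bytes at or beyond the end offset are not part of that slot's key material, and each other enabled slot holds its own encrypted copy of the MK in its own area.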