I’m trying to understand the mechanics of how dm-crypt and cryptsetup work, in particular how data such as the password/key-file data is passed from user mode to kernel mode, and also generally what does what when setting up an encrypted volume.

As I understand it, dm-crypt is a pure kernel-mode application that does the encryption and decryption of data on the fly. It works independently of any on-disk format such as metadata like that used by LUKS. Have I got that right?

And cryptsetup is the pure user-mode application and this can work in “plain” mode, i.e. without LUKS, or in LUKS mode. Is that right?

So how does the password/key get from cryptsetup (user mode) to dm-crypt (kernel mode) and does it differ depending on whether I’m using plain or LUKS mode? Does it use tables? Is the password/key written to the tables?

In LUKS mode, does cryptsetup generate the master key? In user mode? Does cryptsetup create/edit the metadata?

Thanks in advance for any clarification anyone can provide.

_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt