On Wed, Dec 02, 2009 at 02:51:47PM +0100, julie_nuckey@xxxxxxxxxxxxxxxx wrote: > Thanks for the information, but I was hoping for a little more detail. > > I really want to know if it possible for the password/key to be exposed in > the process of transferring it from user mode to kernel mode, or if it > could remain in memory as a result, that's why I'm asking about the > mechanics of what happens between cryptsetup (user mode) and dm-crypt > (kernel mode). That really depens on how careful the user-space tool was designed and what the attacker can do. I think cryptsetup uses locked memory and wipes it afterwards. That is about all the user space application can do. Note however that a root attacker can get the key from kernel space anyways. Some attacks on DVD encryption have used this (non Linux, but same principle). > In "plain" mode the password must be passed to the kernel, but in LUKS > mode, the password is used to decrypt the master key which is in the > kernel. The master key is on disk in the LUKS header. It is unpacked by the userspace tool and then give to the kernel, just as a user-typed key would be. > If cryptsetup is user mode only, what exactly does the kernel mode > decryption of the master key? Can't be dm-crypt as this doesn't know > anything about LUKS. Indeed. See above. > BTW, sorry about the missing line breaks, don't know what happened there. I'll remember > to put in hard ones in future. Thanks. Many browser-type mailers also have a config option to do that automatically. If you have the option, go for <= 72 chars/line. Arno > > -----Original Message----- > From: dm-crypt-bounces@xxxxxxxx [mailto:dm-crypt-bounces@xxxxxxxx] On Behalf Of Arno Wagner > Sent: 02 December 2009 12:21 > To: dm-crypt@xxxxxxxx > Subject: Re: Mechanics > > On Wed, Dec 02, 2009 at 12:20:31PM +0100, julie_nuckey@xxxxxxxxxxxxxxxx wrote: > > > > I'm trying to understand the mechanics of how dm-crypt and cryptsetup > > work, in particular how data such as the password/key-file data is passed > > from user mode to kernel mode, and also generally what does what when > > setting up an encrypted volume. > > > > > > > > As I understand it, dm-crypt is a pure kernel-mode application that does > > the encryption and decryption of data on the fly. It works independently > > of any on-disk format such as metadata like that used by LUKS. Have I got > > that right? > > Yes. It will happily de-/encrypt random data. No checking at all, not > a single bit of metadata. Incidentially a dm-crypt volume (after > an encrypted overwrite) is indistinguishable for a volume wiped > with cryptographically strong randomness. In fact I use dm-crypt > to wipe disks: > 1.) Set-up with random key (from /dev/random) > 2.) Overwrite with weak randomness or zeros. > > > > And cryptsetup is the pure user-mode application and this can work in > > "plain" mode, ie without LUKS, or in LUKS mode. Is that right? So how does > > the password/key get from cryptsetup (user mode) to dm-crypt (kernel mode) > > and does it differ depending on whether I'm using plain or LUKS mode? Does > > it use tables? Is the password/key written to the tables? > > My guess would be that the key data is basically the same as for > directly using ciphers in the kernel. Some call will transfer them. > No idea about the details, but dm-crypt is basically a device mapper > target and should use the same mechanisms. The device mapper page > at http://sources.redhat.com/dm/ may have more information. > > > In LUKS mode, does cryptsetup generate the master key? In user mode? Does > > cryptsetup create/edit the metadata? > > Yes, AFAIK. The kernel does not understand LUKS. > > > Thanks in advance for any clarification anyone can provide. > > Side note: What about linebreaks? It is not nice to have to reformat > your message before answering... > > > Arno > > > -- > Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@xxxxxxxxxxx > GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F > ---- > Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans > > If it's in the news, don't worry about it. The very definition of > "news" is "something that hardly ever happens." -- Bruce Schneier > _______________________________________________ > dm-crypt mailing list > dm-crypt@xxxxxxxx > http://www.saout.de/mailman/listinfo/dm-crypt > > Trend Micro EMEA (GB) Limited, a Limited Liability Company. Registered in England No. 06766734. > Registered office: Eversheds House, 70 Great Bridgewater Street, Manchester, M1 5ES > Trend Micro (UK) Limited, a Limited Liability Company. Registered in England No. 3698292. > Registered Office: Pacific House, Third Avenue, Globe Business Park, Marlow, Bucks, SL7 1YL > Telephone: +44 1628 400500 Facsimile: +44 1628 400511 > > This communication and any accompanying files and attachments are intended only for the recipient to whom it is addressed. > If you have received this communication in error, please immediately notify the Sender. You are further notified that any disclosure, > copying or other distribution of this communication, including its attachments is strictly prohibited. > -- Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@xxxxxxxxxxx GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F ---- Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans If it's in the news, don't worry about it. The very definition of "news" is "something that hardly ever happens." -- Bruce Schneier _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
