Kindly unsubscribe me from the mailing list ________________________________________ From: dm-crypt-bounces@xxxxxxxx [dm-crypt-bounces@xxxxxxxx] On Behalf Of Arno Wagner [arno@xxxxxxxxxxx] Sent: Thursday, December 02, 2010 11:09 PM To: dm-crypt@xxxxxxxx Subject: Re: Is partial LUKS recovery possible? Hi Miklos, the salt is key-grade material, so without salt, you are about in the same situatuion as you are without master key. Basically everything in the header can be re-created but the salt, and therefore recovery without header is not possible. It is not that intuitive, but salting itself is not intuitive at first glance. Salts only work if they are non-predictable and that is just the condition that a key must fulfill. So, sorry, but without header backup you data is gone and that is by design. Hopefully these disasters will get less frequent now that the FAQ is part of the cryptsetup distribution. I think I will add an explanation to the FAQ about what a salt is and how it is integrated in LUKS. This will hopefully make things even clearer. Gr"usse, Arno On Thu, Dec 02, 2010 at 01:15:52PM +0100, Miklos Bagi wrote: > Apologies for replying my own post. > > I believe I found the not so happy answer for me in Dr. Wagner's monthly > FAQ. > > Is it possible to provide salt manually? > Implementing a simple logic may allow re-generating the original header > in case something bad happens, but I admit it makes sense keeping > backups of lhdrs somewhere safe. > > Thanks, > Miklos > > On 12/02/2010 11:28 AM, Miklos Bagi wrote: > > Hi all, > > > > I'm hoping to get directions with a 'small' recovery task. > > > > Given a partition that's known to be a broken LUKS one, lhdr is missing > > (incl magic, chipher, hash, uuid, etc.), however there are some facts known: > > - chipher: aes-cbc-essiv:sha256 > > - keysize: 256 bits > > - offset: 2056 sectors > > - most importantly: we have the master key file available. > > > > I have the suspicion that the first approx 10% of the partition have > > been overwritten with random data. > > What are the chances of recovering any data in the given scenario? > > > > Thanks in advance, > > mB > > > > _______________________________________________ > dm-crypt mailing list > dm-crypt@xxxxxxxx > http://www.saout.de/mailman/listinfo/dm-crypt > -- Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@xxxxxxxxxxx GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F ---- Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans If it's in the news, don't worry about it. The very definition of "news" is "something that hardly ever happens." -- Bruce Schneier _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt SASKEN BUSINESS DISCLAIMER: This message may contain confidential, proprietary or legally privileged information. In case you are not the original intended Recipient of the message, you must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message and you are requested to delete it and inform the sender. Any views expressed in this message are those of the individual sender unless otherwise stated. Nothing contained in this message shall be construed as an offer or acceptance of any offer by Sasken Communication Technologies Limited ("Sasken") unless sent with that express intent and with due authority of Sasken. Sasken has taken enough precautions to prevent the spread of viruses. However the company accepts no liability for any damage caused by any virus transmitted by this email. Read Disclaimer at http://www.sasken.com/extras/mail_disclaimer.html _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
