On 2018-08-06 00:33, Michael Kjörling wrote: > On 5 Aug 2018 23:53 +0200, from mmorfikov@xxxxxxxxx (Mikhail Morfikov): >> # cryptsetup luksFormat -v -y -c aes-xts-plain64 >> --master-key-file=/tmp/master_key /dev/sdd1 >> >> But he was unable to decrypt the data (I know the ext4 superblock is damaged, >> but the volume can be tested whether it is decrypted or not, and in this case it >> wasn't). >> >> He said that the original container was created (probably) using this command: >> >> # cryptsetup -v -y -c aes-xts-plain64 -s 512 -h sha512 -i 5000 --use-random >> luksFormat /dev/sdd1 >> >> He ultimately found the header backup and everything went well, but I have a >> question -- what parameters are needed in order to recreate the header when the >> master key is known? > > Well, the cipher spec for one would obviously need to match exactly > for the newly created header to be useful for decrypting the existing > data. So depending on the defaults, the missing `-s 512` absolutely > could make a difference. > > My cryptsetup says the default for LUKS1 is aes-xts-plain64 with 256 > bits of key. So if your friend's system is similar to mine, chances > are good that the missing key length specifier had something to do > with it. The man page doesn't seem to say anything about what happens > if the provided master key file has a length different from the key > length that ends up being used by the selected cipher. > > Keep in mind that with XTS you're effectively running the cipher > itself in half the key length mode (so if you specify AES-XTS and 256 > bits of key, then the actual key used by AES is a 128 bit one). Thus, > the difference between specifying 512 bits and 256 bits means running > AES with a 256 bit key or a 128 bit key, respectively. Specifically > for AES, this also means running a different number of rounds; IIRC, > with a 256 bit key, AES uses 14 rounds, whereas with a 128 bit key, it > uses 10 rounds. So it's effectively a _very_ different cipher if you > use a different key length. > > Personally, I have written down the exact commands used to create the > LUKS containers, just in case. > > At least in this case your friend _had_ a header backup. > Thanks for the answer. _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx https://www.saout.de/mailman/listinfo/dm-crypt
