[dm-crypt] Crypto operation

[dm-crypt] Crypto operation

[octane indice]

Hello,

In order to better understand how cryptsetup works, I'm asking if there is a
'big picture' or a debug mode explaining how things are done. (I'm asking
about cryptsetup, not LUKS).

e.g. An explanation as. Password is taken from command line. 
A read is made through /dev/mapper/crypted_disk
The first block is read. The AES-128-cbc operation is computed with options
like, iv= K= or salt=...
When we write a block, then which things are done, and so on.

Is there a tech documentation explaining that? The goal for me would to use
openssl in order to make a decryption of a disk ciphered by cryptsetup and
vice-versa.

In a second time, I would think that it works the salme way with Luks,
excepts that the password is read from the luks header nad crypto operation
begins beyond the luks header.

Thanks







-----------------------------------

Envoyé avec Inmano, ma messagerie renversante et gratuite : http://www.inmano.com

Re: [dm-crypt] Crypto operation

[Milan Broz]

On 11/05/2010 10:49 AM, octane indice wrote:

> In order to better understand how cryptsetup works, I'm asking if there is a
> 'big picture' or a debug mode explaining how things are done. (I'm asking
> about cryptsetup, not LUKS).

Then you are not asking about cryptsetup, but just about how dm-crypt works:)

Cryptsetup just configures dm-crypt, there is no userspace crypto related
(except LUKS operation or passphrase hashing in plain mode 
- output of this is just volume key directly used in dm-crypt)

Start with kernel documentation
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=blob_plain;f=Documentation/device-mapper/dm-crypt.txt;hb=HEAD

you can get active mapped target (after cryptsetup configures it) with
dmsetup table --showkeys

you can configure it using dmsetup too
(dmsetup is just wrapper around dm-ioctl calls)

> e.g. An explanation as. Password is taken from command line. 
> A read is made through /dev/mapper/crypted_disk
> The first block is read. The AES-128-cbc operation is computed with options
> like, iv= K= or salt=...
> When we write a block, then which things are done, and so on.

that's not job for cryptsetup, this is how dm-crypt works

Example: in plain mode:
- cryptsetup reads passphrase, hashes it using specified hash alg
and use it directly as volume key

- in luks mode it decrypts keyslot and read volume key from there

The enryption in dm-crypt is common mode for storage FDE, each sector (512B)
is encrypted separately with given cipher and mode) and initial vector.

E.g. aes-cbc-plain : used cipher AES, cbc mode (so the 512B sector is divided
to 16bytes cipher blocks for CBC) and with initial vector "plain" what here means
just sector number.

> Is there a tech documentation explaining that? The goal for me would to use
> openssl in order to make a decryption of a disk ciphered by cryptsetup and
> vice-versa.

That makes no sense to me (if you are using Linux), except some exercise
with openssl.
What is the real goal here? Can you please explain it?

> In a second time, I would think that it works the salme way with Luks,
> excepts that the password is read from the luks header nad crypto operation
> begins beyond the luks header.

passphrase in LUKS mode is neither derived nor related to volume key used in encryption.
passphrase just unlocks the slot where the key is stored.

Milan

Re: [dm-crypt] Crypto operation

[Arno Wagner]

On Fri, Nov 05, 2010 at 10:49:33AM +0100, octane indice wrote:
> Hello,
> 
> In order to better understand how cryptsetup works, I'm asking if there is a
> 'big picture' or a debug mode explaining how things are done. (I'm asking
> about cryptsetup, not LUKS).

As MIlan already wrote, it is basically just the application 
of two crypto algorithms, both of which are not in cryptsetup, 
but in the kernel. As they are used in the context of the 
device mapper, they need to be in the kernel, but if you do 
direct access via an userspace application, they can be anywhere.

For your experiments, I recomend that you use a small loop-file,
mount it via dm-crypt and put some plaintext in it, e.g. like 
this:

  head -c 1M /dev/zero > cfile   # create empty file
  losetup /dev/loop0 cfile        
  cryptsetup create c1 /dev/loop0 
  man bash > /dev/mapper/c1
  cryptsetup remoce c1
  losetup -d /dev/loop0

You can then trial decrypt cfile. You can use --cipher,
and --hashto set something simpler than the
curent defaults of aes-cbc-essiv:sha256, ripemd160,
but that should not make too much of a difference.

You can read about cipher modes here, if you want to do
the mode yourself:
  http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation

ESSIV is described here:
  http://en.wikipedia.org/wiki/ESSIV#ESSIV
with the hash that listed after the ':' in the cipher spec.

Arno
-- 
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier 

Re: [dm-crypt] Crypto operation

[octane indice]

En réponse à Milan Broz <mbroz@redhat.com> :
> > Ok, what is this hash alg?
> 
> cryptsetup --help (with cryptsetup 1.1.3) shows defaults:
>
Ok, thanks
 
> anyway, read this
> http://www.markus-gattol.name/ws/dm-crypt_luks.html
>
yes, interesting
 
> you did so many mistakes here.... that you provoke me
> to try it myself:-)

:-)

>  # openssl aes-128-cbc -nosalt -d -in dm.img -K
6469726563746b657900000000000000 -out dmc.img -iv 0 -p

Thank you very much, it will help me a lot.



> ------------------- Fin du message d'origine ---------------------









Envoyé avec Inmano, ma messagerie renversante et gratuite : http://www.inmano.com