From: ken <gebser@mousecar.com>
Date: Tue, 19 Jun 2012 12:56:08 -0400
Subject: Re: [dm-crypt] Option "validate passphrase" for command cryptsetup
To: Louis, dm-crypt
In-Reply-To: <4FE05A32.9010402@gresille.org>

Louis,

Thanks for this. Yes, I would like the makefile and configure.ac files.

Last year I encountered the very problem your program is meant to avoid: It was months since I entered my LUKS passphrase and I'd forgotten it. With the hope that I might remember it one day, I mounted the disk in another machine and wrote a bash script to try out passphrases on it... but I haven't discovered it yet. Now I'm looking for other options. So two questions:

Will this program work on just the LUKS header? Or does it work only on the entire mount point (with all the data therein included)?

Is there a delay of some seconds required between invocations?

Thanks much.

On 06/19/2012 06:53 AM Louis wrote:
> Hello,
> for information, I wrote a small C program to check if the given
> passphrase is correct, without doing anything on the disk. The command
> is used this way:
>
> $ cryptsetup_check_passphrase /dev/sda1
> Enter passphrase for /dev/sda1:
> Valid key (slot 0)
> $
>
> If you think it can benefit cryptsetup, I offer to write the necessary
> patch to include it to cryptsetup (as a "luksValidateKey" LUKS action).
>
> # why do I need such a command ?
>
> We are a group of hacktivists who offer some online services (such as
> email addresses). Our disks are encrypted using LUKS. As we are six
> members operating the server, and we reboot it only a few times a year,
> it may happen that some of us only use the passphrase once in two years,
> which is prone to forgetting. So we want a way to, once in a while (at
> our monthly meetings), check that we still know our passphrase, without
> risking doing something to the disk (creating or removing partitions,
> deleting passphrases, etc.).
>
> # Security risks
>
> Isn't this function a wonderful tool to try brute force attacks? I do
> not think so. An attacker needs to be root to run it, at which point (s)he
> can already do a lot of harmful things. Moreover, once (s)he is root, the
> attacker might as well compile the program I just wrote to try this
> brute force attack. To sum up: yes, it can be used to brute force the
> partition, but nothing more than what was possible to do without this tool.
>
> Regards,
> Louis
>
> PS: Not to overload this list with many files, I only give
> you here the C code. If you want the makefile and configure.ac, just ask.
>
> #include <stdio.h>
> #include <string.h>
>
> #include <libcryptsetup.h>
>
> void usage() {
>     printf("cryptsetup_check_passphrase LUKSDEVICE\n");
> }
>
> /* Returns 0 if some key slot accepts the passphrase, 1 otherwise. */
> int check_passphrase(const char* device_name) {
>     int keyslot;
>     int error;
>     int status;
>     struct crypt_device *cd = NULL;
>
>     if ((error = crypt_init(&cd, device_name))) {
>         printf("Could not open device \"%s\": %s\n", device_name,
>                strerror(-error));
>         return 1;
>     }
>     /* Reads the LUKS header only; nothing on the disk is modified. */
>     if ((error = crypt_load(cd, NULL, NULL))) {
>         printf("Could not load device \"%s\": %s\n", device_name,
>                strerror(-error));
>         crypt_free(cd);
>         return 1;
>     }
>
>     /* name == NULL: only verify the passphrase, do not activate the device.
>      * passphrase == NULL, size 0: the library prompts for it on the terminal. */
>     keyslot = crypt_activate_by_passphrase(cd, NULL, CRYPT_ANY_SLOT, NULL,
>                                            0, 0);
>     if (keyslot >= 0) {
>         printf("Valid key (slot %d)\n", keyslot);
>         status = 0;
>     } else {
>         /* A negative return value is a negated errno code. */
>         printf("No matching key found: %s\n", strerror(-keyslot));
>         status = 1;
>     }
>     crypt_free(cd);
>     return status;
> }
>
> int main(int argc, const char* argv[]) {
>     int status;
>
>     /* Parsing arguments */
>     if (argc != 2) {
>         usage();
>         return 1;
>     }
>
>     /* Check */
>     status = check_passphrase(argv[1]);
>
>     return status;
> }
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
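Ken's first question concerns the header: the crypt_load() call in Louis's program reads only the LUKS header (592 bytes for LUKS1), and the same bytes, whether on the device or in a luksHeaderBackup file, can be inspected offline to confirm which key slots are enabled and how many PBKDF2 iterations each uses. The Python below is an added example, not code from the thread or from cryptsetup: it parses a LUKS1 header using the on-disk layout and slot-state constants (0x00AC71F3 enabled, 0x0000DEAD disabled) from the LUKS1 specification, and the sample header it builds is constructed for the demonstration, not taken from a real disk.

```python
import struct
import sys

# LUKS1 on-disk layout (big-endian) and key-slot state values, per the LUKS1 specification.
LUKS1_MAGIC = b"LUKS\xba\xbe"
LUKS_KEY_ENABLED = 0x00AC71F3
LUKS_KEY_DISABLED = 0x0000DEAD
HDR_FMT = ">6sH32s32s32sII20s32sI40s"   # fixed part: magic, version, cipher, mode, hash, ...
SLOT_FMT = ">II32sII"                   # active, iterations, salt, key-material offset, stripes
HDR_SIZE, SLOT_SIZE = struct.calcsize(HDR_FMT), struct.calcsize(SLOT_FMT)
LUKS1_HEADER_SIZE = HDR_SIZE + 8 * SLOT_SIZE   # 592 bytes

def cstr(b):
    return b.split(b"\0", 1)[0].decode("ascii", "replace")

def parse_luks1_header(data):
    """Describe a LUKS1 header: cipher, key size, UUID and the enabled key slots."""
    if len(data) < LUKS1_HEADER_SIZE:
        raise ValueError("need %d bytes, got %d" % (LUKS1_HEADER_SIZE, len(data)))
    (magic, version, cipher, mode, hashspec, _payload, key_bytes,
     _digest, _dsalt, _diter, uuid) = struct.unpack_from(HDR_FMT, data, 0)
    if magic != LUKS1_MAGIC or version != 1:
        raise ValueError("not a LUKS1 header")
    slots = []
    for i in range(8):
        active, iters, _salt, _kmoff, stripes = struct.unpack_from(
            SLOT_FMT, data, HDR_SIZE + i * SLOT_SIZE)
        if active == LUKS_KEY_ENABLED:
            slots.append({"slot": i, "iterations": iters, "stripes": stripes})
        elif active != LUKS_KEY_DISABLED:   # any other value means a damaged header
            raise ValueError("slot %d has unknown state 0x%08x" % (i, active))
    return {"cipher": "%s-%s" % (cstr(cipher), cstr(mode)), "hash": cstr(hashspec),
            "key_bytes": key_bytes, "uuid": cstr(uuid), "enabled_slots": slots}

def build_sample_header(enabled):
    """Constructed sample (not from a real disk); `enabled` maps slot -> iterations."""
    hdr = struct.pack(HDR_FMT, LUKS1_MAGIC, 1, b"aes", b"xts-plain64", b"sha1",
                      4096, 64, b"\x11" * 20, b"\x22" * 32, 1000,
                      b"11111111-2222-3333-4444-555555555555")
    for i in range(8):
        state = LUKS_KEY_ENABLED if i in enabled else LUKS_KEY_DISABLED
        hdr += struct.pack(SLOT_FMT, state, enabled.get(i, 0), b"\x33" * 32, 8 + i * 256, 4000)
    return hdr

if __name__ == "__main__":   # argument: a LUKS device or a luksHeaderBackup file
    data = (open(sys.argv[1], "rb").read(LUKS1_HEADER_SIZE) if len(sys.argv) > 1
            else build_sample_header({0: 250000, 3: 120000}))
    for s in parse_luks1_header(data)["enabled_slots"]:
        print("slot %d enabled, %d PBKDF2 iterations" % (s["slot"], s["iterations"]))
```

Reading the header this way never touches the key material or the payload, so it is as safe to run against a live device as the passphrase check above.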