From: Robert Nichols <rnicholsNOSPAM@comcast.net>
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] Decrypting a drive; says a correct password is "incorrect"
Date: Tue, 10 Jan 2017 09:43:46 -0600 [thread overview]
Message-ID: <o52vfd$1if$1@blaine.gmane.org> (raw)
In-Reply-To: <CAOoEu4Qdkr4qnpoEzevETVy4L8z03S9LOsyjCFGMnFo=WwGBNw@mail.gmail.com>
On 01/10/2017 02:47 AM, K Mmmm wrote:
> Thanks for your help, Bob. I have run the keyslot checker, and there
> appears to be damage.
>
> I read in many places that this means the data is simply
> irrecoverable. But I don't understand how that could be so. Assuming I
> know my password, couldn't I theoretically brute-force each of these
> areas where entropy is low? Is it because there are likely to be
> other areas with low entropy that are not detected by the checker?
> Would changing the sector size help? Or, is my understanding of hard
> disks just so bare, that I fail to realize how difficult this would
> be? If nobody answers, I'll assume it's hopeless, as based on the
> following output, this is what my inclination is to believe. If
> someone has a "wild idea" (the possibility of recovering the key from
> RAM is long gone), then I am certainly willing to try it -- even if it
> takes a decade or so to unlock. It's a crypto wallet with just enough
> to pay off my first year of medical school loans...
>
> root@pony:/home/m/cryptsetup-master/misc/keyslot_checker#
> ./chk_luks_keyslots /dev/sdb5
>
> parameters (commandline and LUKS header):
> sector size: 512
> threshold: 0.900000
>
> - processing keyslot 0: start: 0x001000 end: 0x03f800
> low entropy at: 0x005000 entropy: 0.000000
> low entropy at: 0x005200 entropy: 0.000000
> low entropy at: 0x005400 entropy: 0.000000
> low entropy at: 0x005600 entropy: 0.000000
> low entropy at: 0x005800 entropy: 0.000000
> low entropy at: 0x005a00 entropy: 0.000000
> low entropy at: 0x005c00 entropy: 0.000000
> low entropy at: 0x005e00 entropy: 0.000000
> low entropy at: 0x038000 entropy: 0.000000
> low entropy at: 0x038200 entropy: 0.000000
> low entropy at: 0x038400 entropy: 0.000000
> low entropy at: 0x038600 entropy: 0.000000
> low entropy at: 0x038800 entropy: 0.000000
> low entropy at: 0x038a00 entropy: 0.000000
> low entropy at: 0x038c00 entropy: 0.000000
> low entropy at: 0x038e00 entropy: 0.000000
> - processing keyslot 1: keyslot not in use
> - processing keyslot 2: keyslot not in use
> - processing keyslot 3: keyslot not in use
> - processing keyslot 4: keyslot not in use
> - processing keyslot 5: keyslot not in use
> - processing keyslot 6: keyslot not in use
> - processing keyslot 7: keyslot not in use
That would definitely make it worth sending the drive to a professional
data recovery company and ask them to try to recover just those 16
missing sectors.
--
Bob Nichols "NOSPAM" is really part of my email address.
Do NOT delete it.
next prev parent reply other threads:[~2017-01-10 15:44 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-01-05 2:34 [dm-crypt] Decrypting a drive; says a correct password is "incorrect" K Mmmm
2017-01-06 15:57 ` Robert Nichols
2017-01-10 8:47 ` K Mmmm
2017-01-10 9:06 ` Sven Eschenberg
2017-01-10 9:22 ` Arno Wagner
2017-01-10 10:23 ` Sven Eschenberg
2017-01-10 13:58 ` Arno Wagner
2017-01-10 9:18 ` Arno Wagner
2017-01-10 15:43 ` Robert Nichols [this message]
2017-01-11 1:47 ` Arno Wagner
2017-01-11 2:17 ` Robert Nichols
-- strict thread matches above, loose matches on Subject: below --
2017-01-05 16:22 Arno Wagner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='o52vfd$1if$1@blaine.gmane.org' \
--to=rnicholsnospam@comcast.net \
--cc=dm-crypt@saout.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.