* Question about journal integrity / encryption
From: LRS @ 2023-12-03 14:31 UTC (permalink / raw)
To: cryptsetup
I tried to create a volume with the following command:
cryptsetup luksFormat --type luks2 /dev/sdb --cipher aes-xts-plain64 --integrity hmac-sha256
If I look at the JSON header of LUKS2, I see the following part:
  "integrity": {
    "type": "hmac(sha256)",
    "journal_encryption": "none",
    "journal_integrity": "none"
  }
}
from which I understand that the journal is not encrypted. Isn't this a
security issue? Is it possible to encrypt it somehow?
* Re: Question about journal integrity / encryption
From: Milan Broz @ 2023-12-04 8:32 UTC (permalink / raw)
To: LRS, cryptsetup
On 12/3/23 15:31, LRS wrote:
> I tried to create a volume with the following command:
>
> cryptsetup luksFormat --type luks2 /dev/sdb --cipher aes-xts-plain64 --integrity hmac-sha256
>
> If I look at the JSON header of LUKS2, I see the following part:
>
>   "integrity": {
>     "type": "hmac(sha256)",
>     "journal_encryption": "none",
>     "journal_integrity": "none"
>   }
> }
>
> from which I understand that the journal is not encrypted. Isn't this a
> security issue? Is it possible to encrypt it somehow?
Yes, for LUKS2, journal metadata are not encrypted.
You cannot currently use an encrypted dm-integrity journal with LUKS2 (only
for standalone dm-integrity).
I planned to add it one day, but it needs to define how to derive a key for
the integrity journal.
Data stored in the journal are encrypted (only journal metadata are not encrypted),
so what an attacker can do is replay old encrypted data (or wrong data, but that
will be detected later on read).
All of this can be done with physical access to the media anyway.
Milan
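As an added example that is not part of this thread or of cryptsetup itself, a small Python audit that reads LUKS2 JSON metadata (the shape `cryptsetup luksDump --dump-json-metadata <dev>` prints; the header below is a constructed sample with keyslots, digests and tokens left out) and reports, per segment, whether the dm-integrity journal is encrypted or authenticated:

```python
import json
import subprocess
from typing import Dict, List

# Constructed sample of LUKS2 JSON metadata, matching the "integrity" section
# shown in the thread (journal_encryption / journal_integrity both "none").
SAMPLE_METADATA = """
{
  "segments": {
    "0": {
      "type": "crypt",
      "offset": "16777216",
      "size": "dynamic",
      "iv_tweak": "0",
      "encryption": "aes-xts-plain64",
      "sector_size": 512,
      "integrity": {
        "type": "hmac(sha256)",
        "journal_encryption": "none",
        "journal_integrity": "none"
      }
    }
  }
}
"""


def audit_integrity(metadata_json: str) -> List[Dict[str, object]]:
    """For each segment, report the integrity mode and whether the integrity
    journal is encrypted (journal_encryption) and authenticated (journal_integrity).
    A segment without an "integrity" object has no dm-integrity at all."""
    header = json.loads(metadata_json)
    findings = []
    for seg_id, seg in sorted(header.get("segments", {}).items()):
        integ = seg.get("integrity")
        if integ is None:
            findings.append({"segment": seg_id, "integrity": None,
                             "journal_encrypted": False, "journal_authenticated": False})
            continue
        findings.append({
            "segment": seg_id,
            "integrity": integ.get("type"),
            "journal_encrypted": integ.get("journal_encryption", "none") != "none",
            "journal_authenticated": integ.get("journal_integrity", "none") != "none",
        })
    return findings


def dump_metadata(device: str) -> str:
    """Fetch live metadata from a LUKS2 device (needs root; not used by the sample)."""
    return subprocess.check_output(
        ["cryptsetup", "luksDump", "--dump-json-metadata", device], text=True)


if __name__ == "__main__":
    for finding in audit_integrity(SAMPLE_METADATA):
        print(finding)
```

On a real device, feed `dump_metadata("/dev/sdX")` to `audit_integrity` instead of the sample; with current LUKS2 the journal fields will read "none", as Milan's reply explains.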