From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.saout.de ([127.0.0.1]) by localhost (mail.saout.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IgLMyY_IbWJ0 for ; Fri, 18 May 2012 13:23:29 +0200 (CEST) Received: from relay4-d.mail.gandi.net (relay4-d.mail.gandi.net [217.70.183.196]) by mail.saout.de (Postfix) with ESMTP for ; Fri, 18 May 2012 13:23:29 +0200 (CEST) Date: Fri, 18 May 2012 13:23:13 +0200 From: Kereoz Message-ID: <20120518112311.GD4505@localhost> References: <20120516170339.GC4505@localhost> <20120517072728.GA11304@tansi.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20120517072728.GA11304@tansi.org> Subject: Re: [dm-crypt] Brute force aes-plain List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de Cc: Arno Wagner On Thu, May 17, 2012 at 09:27:28AM +0200, Arno Wagner wrote: > Hi, Hi, > > I don't know for sure whether I forgot the key or I am using the wrong > > algorithm, as the version of cryptsetup I was using at the time was different > > (different Debian release) and I read the defaults have changed. I am fairly > > sure I used the '-c aes-plain' option initially but I had no luck with it. I > > also tried aes-cbc-essiv and had no luck either. Is there anything else I could > > try ? > > You could just intsall that old release to be sure. Or maybe just > get the binary or source package and check that way. But AFAIK > Debian never changed anything from the package defaults, so these > two should be it. I'll give it a go just in case (probably using the Debian snapshots to make sure I reproduce the same behavior may it be different). > > Is there anything faster I could use here ? I assume the best solution would be > > to extract a couple of blocks from the hard drive, those containing the > > filesystem superblock, decrypt it and then try to match the filesystem magic > > number (reiser). > > Yes. There is a filesystem recognition linrary somewhere > (used by mount -t auto), that may also be helpful. Good to know, I'll check this out. Reiser is fairly easy to recognize though (as you can just grep the "reiser" string). > > I don't know how to do the decryption part quick enough for a > > brute-force approch. Any suggestion would be appreciated. > > Hmm. Use the password hashing from the c-sources of cryptsetup (it is a > bit more complicated than just direct hashing) and instead of doing > a mapping, use an external AES implementation (gcrypt, openssl, etc.) > to decrypt your test-data. Make sure to get the IV right. It should > be the sector number for "-plain". Perfect, this is exactly what I needed to know. > I would suggest to make this work first with generated test-data. (New > volume, new FS, key e.g. "abc"), and when that works then try > it on you actual data. May take a few days of programming though. I'll have a look when I have some time and will let the list know if I get it to work. Thank you for your answer. -- Kereoz