[dm-crypt] Non-standard cipher mode

[dm-crypt] Non-standard cipher mode

[FLD]

I accidentally created a luks container using option --cipher
aes-xts-plain64:sha512. Everything seems to be working correctly and
luksDump shows: "Cipher mode:    xts-plain64:sha512". I wonder if I
should hexedit the header manually and replace the ":sha512" part with
nulls since the proper format would be just "xts-plain64" since the
cipher does not need a hash for the ESSIV?

Re: [dm-crypt] Non-standard cipher mode

[Arno Wagner]

DO NOT EDIT THE HEADER. This will make your LUKS container
inaccessible until you reverse the changes. What you now
have is an aes-xts-plain64:sha512 container. You do not have
ESSIV anywhere in there, XTS is an alternative to CBC-ESSIV.

That said, if you want aother cipher or mode, easiest way is 
to re-create the container. A bit harder and risky without 
backup is to use Milan's reencryption tool.

Arno

On Wed, Dec 18, 2013 at 12:45:39 CET, FLD wrote:
> I accidentally created a luks container using option --cipher
> aes-xts-plain64:sha512. Everything seems to be working correctly and
> luksDump shows: "Cipher mode:    xts-plain64:sha512". I wonder if I
> should hexedit the header manually and replace the ":sha512" part with
> nulls since the proper format would be just "xts-plain64" since the
> cipher does not need a hash for the ESSIV?
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt

-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno@wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
There are two ways of constructing a software design: One way is to make it
so simple that there are obviously no deficiencies, and the other way is to
make it so complicated that there are no obvious deficiencies. The first
method is far more difficult.  --Tony Hoare

Re: [dm-crypt] Non-standard cipher mode

[Milan Broz]

On 12/18/2013 05:13 PM, Arno Wagner wrote:
> DO NOT EDIT THE HEADER. This will make your LUKS container
> inaccessible until you reverse the changes. What you now
> have is an aes-xts-plain64:sha512 container. You do not have
> ESSIV anywhere in there, XTS is an alternative to CBC-ESSIV.
> 
> That said, if you want aother cipher or mode, easiest way is 
> to re-create the container. A bit harder and risky without 
> backup is to use Milan's reencryption tool.

Well, I fully agree.. but this case is kind of special.

The dmcrypt plain64 IV doesn't take additional arguments
(kernel should probably not allow to use them and not silently
ignore it...) so plain64 is exactly the same as plain64:sha512.

So properly editing header should help, but you have to be very
careful. (Use backup file, allow write access to it and edit
in some good hexa editor and restore it). Eveb one bit mistake
in keyslot area and your data are gone...

Really, if you can recreate whole device it could be better.
(Reecryption using cryptsetup-reencrypt is an option as well,
but it will take long time.)

Milan

> 
> Arno
> 
> On Wed, Dec 18, 2013 at 12:45:39 CET, FLD wrote:
>> I accidentally created a luks container using option --cipher
>> aes-xts-plain64:sha512. Everything seems to be working correctly and
>> luksDump shows: "Cipher mode:    xts-plain64:sha512". I wonder if I
>> should hexedit the header manually and replace the ":sha512" part with
>> nulls since the proper format would be just "xts-plain64" since the
>> cipher does not need a hash for the ESSIV?
>> _______________________________________________
>> dm-crypt mailing list
>> dm-crypt@saout.de
>> http://www.saout.de/mailman/listinfo/dm-crypt
>