public inbox for linux-ext4@vger.kernel.org
From: Eric Biggers <ebiggers3@gmail.com>
To: "Grochowalski, Matthew (GE Aviation, US)" <MatthewS.Grochowalski@ge.com>
Cc: "linux-ext4@vger.kernel.org" <linux-ext4@vger.kernel.org>,
	Joe Richey <joerichey@google.com>
Subject: Re: e4crypt - Possible to Change Passphrase?
Date: Thu, 26 Oct 2017 19:51:49 -0700
Message-ID: <20171027025149.GA1803@zzz.localdomain>
In-Reply-To: <4F5135A853DDCC4BAAF325E04E1419C807A384A4@ALPMBAPA10.e2k.ad.ge.com>

+Cc Joe Richey <joerichey@google.com>

Hi Matt,

On Thu, Oct 26, 2017 at 11:20:16PM +0000, Grochowalski, Matthew (GE Aviation, US) wrote:
> Is it possible to change the passphrase of a folder encrypted using e4crypt set_policy?

e4crypt doesn't support changing the passphrase because it derives the master
encryption key directly from the passphrase, rather than using the
passphrase-derived key to unwrap another key.

> I'm assuming I'd need to copy everything from one directory to another with a
> different policy then delete the originals,

That's fine as a workaround, although keep in mind you probably should delete
the originals with 'shred' so that the old ciphertext (which is protected only
by the old passphrase) is less likely to still exist on disk.

> use as a passphrase then encrypt that with the actual user passphrase?

Loosely speaking, that approach will work and is actually the proper way to
support passphrase changes.  However, implementing key derivation and key
wrapping yourself is error-prone; it's the type of thing that is very easy to
implement insecurely without knowing it.  I suggest using the "fscrypt" program
(https://github.com/google/fscrypt) which has implemented this already, with the
wrapped keys stored in a ".fscrypt" directory in the root directory of the
filesystem.  It also has many other advantages, such as PAM support, and also
working for f2fs and ubifs.  In the future I expect we'll be more aggressively
advertising fscrypt and documenting e4crypt (and f2fscrypt, which is e4crypt
copy+pasted into f2fs-tools) as deprecated.  You can ask Joe Richey, who is the
primary author of the fscrypt program, for more details.

Eric
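
Added example, not part of the original message and not code from e4crypt or fscrypt: a sketch of why wrapping a random master key allows a passphrase change while deriving the master key directly from the passphrase does not. It assumes the third-party Python "cryptography" package, and uses scrypt and RFC 3394 AES key wrap as stand-ins for whatever a real tool uses; all function names and passphrases are hypothetical.

```python
import os
from cryptography.hazmat.primitives.kdf.scrypt import Scrypt
from cryptography.hazmat.primitives.keywrap import InvalidUnwrap, aes_key_unwrap, aes_key_wrap

def kek_from_passphrase(passphrase: str, salt: bytes) -> bytes:
    # Stretch the passphrase into a 256-bit key-encryption key (KEK).
    return Scrypt(salt=salt, length=32, n=2**14, r=8, p=1).derive(passphrase.encode())

def wrap_master_key(master_key: bytes, passphrase: str) -> dict:
    # A fresh salt per wrap; only the salt and the wrapped key are stored.
    salt = os.urandom(16)
    return {"salt": salt, "wrapped": aes_key_wrap(kek_from_passphrase(passphrase, salt), master_key)}

def unwrap_master_key(blob: dict, passphrase: str) -> bytes:
    # AES key wrap has a built-in integrity check: a wrong passphrase raises InvalidUnwrap.
    return aes_key_unwrap(kek_from_passphrase(passphrase, blob["salt"]), blob["wrapped"])

def change_passphrase(blob: dict, old: str, new: str) -> dict:
    # Only the small wrapped blob is rewritten; file contents are never re-encrypted.
    return wrap_master_key(unwrap_master_key(blob, old), new)

def direct_master_key(passphrase: str, salt: bytes) -> bytes:
    # Simplified model of direct derivation: the KDF output *is* the master key.
    return kek_from_passphrase(passphrase, salt)

def demo() -> tuple:
    master = os.urandom(64)  # constructed sample master key
    blob = wrap_master_key(master, "old passphrase")
    blob = change_passphrase(blob, "old passphrase", "new passphrase")
    same_master = unwrap_master_key(blob, "new passphrase") == master
    try:
        unwrap_master_key(blob, "old passphrase")
        old_rejected = False
    except InvalidUnwrap:
        old_rejected = True
    # Direct derivation: a new passphrase yields a different master key,
    # so every file would have to be re-encrypted under it.
    salt = os.urandom(16)
    direct_key_changed = (direct_master_key("old passphrase", salt)
                          != direct_master_key("new passphrase", salt))
    return same_master, old_rejected, direct_key_changed

if __name__ == "__main__":
    print(demo())
```

A copy of the old wrapped blob still unwraps with the old passphrase, so the old blob has to be overwritten rather than left beside the new one.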
