[dm-crypt] LUKS & search for passphrase using dictionary

Milan Broz gmazyland at gmail.com
Fri Jul 20 00:48:17 CEST 2012


Hi,

>From time to time someone tries to recover (or crack) LUKS passphrase
using dictionary lists.
I saw lately even some crazy patches for cryptsetup doing that.

Please do not patch source or create some slow bash scripts
(initialization and memory locking cost resources).
Just use libcryptsetup. I added some example how to do it, see

http://code.google.com/p/cryptsetup/source/browse/#git%2Fmisc%2Fdict_search

e.g. for JTR known password list you can run (on quadcore cpu here)
  # luks_dict test.img /usr/share/john/password.lst 4

Then read FAQ how LUKS keyslot iterations slow down these attacks...

It is just quickly written example, perhaps with some bugs.

Anyway, enjoy :)
Milan

p.s.
If you really run this, compile cryptsetup with openssl support
(configure --with-crypto_backend=openssl) it is quicker than default gcrypt. 



More information about the dm-crypt mailing list