[dm-crypt] blkid and aes-cbc-plain/aes-cbc-essiv:sha256

Sven Eschenberg sven at whgl.uni-frankfurt.de
Tue Mar 13 15:46:40 CET 2012


What Milan said is this:

It is impossible to distinguish between ESSIV and non ESSIV modes. The
only means of knowing which is right is when the read data seems to be
plausible.

But that's the very problem: what do you consider plausible?

Here's an example, plain and ESSIV look the same (at the relevant area on
disk) and thus a FS signature is found, the FS driver tries to mount the
FS and then detects, that the rest of the FS structures seem to be broken.
It fails. Or it might aswell try to recover the FS and by doing so corrupt
the data irreversibly.

This becomes even more problematic, if the Volume does not host a FS but
something else.

Thus the only sane approach is, to not do any 'educated' guessing, since
it might work in some (or even many) cases, but corrupts significant
amounts of data, when it fails.

(I chose educated guessing, since auto-detection implies that you can make
sure your detection result is valid)

Regards

-Sven



On Tue, March 13, 2012 02:03, .. ink .. wrote:
> Thanks for your quick response,
>
>
>> For plain mode, user must provide the cipher, mode and keysize.
>> Please do not invent autodetection - you just proved it will lead
>> to data corruption. This is one of the reasons why LUKS was invented,
>> where cipher and mode is stored in metadata.
>>
>
>
>>
>>> My suggestion is to ignore "aes-cbc-plain" and just use current default
>> (and give user option to overwrite it manually).
>>
>> Milan
>>
>
> My tool is meant to be simple, that means the user provides only a path to
> encrypted volume and a passphrase .All other options are default and hard
> coded and a user can not change them.If a user want to use non default
> option then the tool is too simple for them as it will lead to unnecessary
> complexity.
>
> Below is what happen when a user provides a path to an encrypted volume
> and
> a passphrase to open a volume
>
> 1. The volume is checked to see if its luks or not. If it is, it is then
> opened as luks with luks default as they are 1.4.1.
>
> 2. If a volume is not luks, it is then assumed to be plain and the first
> attempt is to open it with plain defaults as they are in 1.4.1. If that
> fail, it is then opened as plain with default values are they were in
> 1.3.0
>
> I do not see any danger with the current design of supporting both plain
> modes as long as,as it currently appear to be, mount can distinguish the
> two.  The advise to drop "legacy mode" will make sense if the mount
> failure
> is not a guaranteed way to distinguish the two(.it seem to be working so
> far with vfat, ext3/4 file systems). Is this what you are saying?
> _______________________________________________
> dm-crypt mailing list
> dm-crypt at saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
>




More information about the dm-crypt mailing list