[dm-crypt] encryption of single files using cryptsetup ala gpg -c

Timothy Rice t.rice at ms.unimelb.edu.au
Tue May 8 22:56:47 CEST 2012


> The current implementation adds a 512 byte header to the encrypted file to
> store information about the plain data length to work around padding issues
> if the data that is to be encrypted is not a multiple of 512. The header is
> also encrypted with the load so the only way to read the header is to first
> decrypt the encrypted file with the correct passphrase.
> 
> Like somebody said in one of the previous discussions on plain volumes,the
> only way to know a correct passphrase was used when decrypting a plain
> volume is to check in the  decrypted data for something that is known to be
> there from the original data.
> 
> The question i am asking is, is it possible to write some information in
> the header in a way that will tell me the decrypting key is the same as the
> encrypting key?

I apologise in advance if I've misunderstood your question in any way. It
occurs to me that using hashes could be a good idea? You could either use a
hash of (at least part of) the file itself, or you could use a hash of the
passphrase?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 316 bytes
Desc: not available
URL: <http://www.saout.de/pipermail/dm-crypt/attachments/20120509/0c4da22c/attachment.asc>


More information about the dm-crypt mailing list