[dm-crypt] How to derive master key in plain dm-crypt mode

Robert Nichols rnicholsNOSPAM at comcast.net
Wed Dec 10 23:34:59 CET 2014


On 12/10/2014 05:48 AM, Jian-Ming Zheng wrote:
> In plain dm-crypt mode, there is no encrypted master key on the device
> (i.e., no metadata header). Is a master key derived from the user
> passphrase and used to en-/decrypt the device? If yes, how to derive
> the master key from the passphrase in plain mode?

The /cryptsetup/ manpage indicates that the key is just the hash of the
passphrase using the specified hash function and cropped to the required
key length. "cryptsetup --help" will show you the default hash function.

-- 
Bob Nichols     "NOSPAM" is really part of my email address.
                 Do NOT delete it.



More information about the dm-crypt mailing list