[dm-crypt] How to derive master key in plain dm-crypt mode
jmzheng at gmail.com
Thu Dec 11 03:16:49 CET 2014
Thanks for your response.
More precisely, the key slot in the LUKS header contains the encrypted
master key (i.e., master key checksum from PBKDF2), not the master
The PBKDF2ed passphrase decrypts the encrypted master key in a key
slot, and the decryption result is processed by AFmerge to obtain a
master key candidate. The PBKDF2ed checksum of the master key
candidate is compared against the master key checksum in the key slot.
Is my understanding correct?
On Thu, Dec 11, 2014 at 12:01 AM, Ralf Ramsauer
<ralf+dm at ramses-pyramidenbau.de> wrote:
> On 12/10/2014 05:56 PM, Ralf Ramsauer wrote:
>> On 12/10/2014 01:48 PM, Jian-Ming Zheng wrote:
>>> In plain dm-crypt mode, there is no encrypted master key on the device
>>> (i.e., no metadata header). Is a master key derived from the user
>>> passphrase and used to en-/decrypt the device? If yes, how to derive
>>> the master key from the passphrase in plain mode?
> Oh I'm sorry. I stand corrected.
> I skipped a word when I read your message. I skipped the "plain" part.
> I can't answer your question as I don't know how the key is derived from
> the passphrase using plain mode.
> But I'm pretty sure someone one this list will know it.
> But I can tell you, that if your device is mounted, you can use dmsetup
> to dump the masterkey:
> # dmsetup table --showkeys DEVICENAME
>> In short words and to sum it up:
>> The passphrase is used to generate some "intermediate" key, using a Key
>> Derivation Function. In case of Luks, this function is PBKDF2.
>> This derived key is used to decrypt a Keyslot in the Luks header of your
>> volume, which contains the actual masterkey.
>> So having only the passphrase is not sufficient to derive a volume's
>>> dm-crypt mailing list
>>> dm-crypt at saout.de
>> dm-crypt mailing list
>> dm-crypt at saout.de
> dm-crypt mailing list
> dm-crypt at saout.de
More information about the dm-crypt