[dm-crypt] nuke password to delete luks header

.. ink .. mhogomchungu at gmail.com
Tue Jan 14 06:00:23 CET 2014


> > with cryptsetup,the way to do it would be:
> > 1. start with a block device like a usb stick
> > 2. blank it out with random data.
> > 3. put a regular file system like vfat at the beginning of the device.
> > 4. put an encrypted plain volume somewhere at the back of the device.
>
> And any reasonable disk forensics tool will find that automatically
> and fast. My keyslot-checker could be adapted to find something like
> that in maybe one hour.
>
>
are you saying that,if i create a 100MB file with data from "/dev/urandom"
and then put a vfat file system on it,and then i open a plain mapper at
50MB offset and create a second file system on the file through the
mapper,then your keyslot-checker or any other forensic tool will be able to
detect the presence of this plain volume?

If true,then i would appreciate any link to any discussion of it because i
am unaware of it.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.saout.de/pipermail/dm-crypt/attachments/20140114/8fd98d12/attachment.html>


More information about the dm-crypt mailing list