[dm-crypt] yet another "lost my partition" message

Arno Wagner arno at wagner.name
Fri Apr 15 18:13:41 CEST 2011

On Fri, Apr 15, 2011 at 03:52:34PM +0200, Cristian KLEIN wrote:
> Hello list,
> > I've just lost my home partition trying to reinstall ubuntu.
> > On the installation process, trying to configure my encrypted home
> > partition, I thought it was going to mount my partition but it was asking
> > for the new key.
> > After that I rebooted and didn't make any other changes to my partition.
> > It seems the partitioner used "cryptsetup luksFormat". Do you think I can
> > still restore my partition?
> > I used the same passphrase configured for my home.
> This is *exactly* what I did yesterday. I thought I was tired or
> something, but seeing that it happened to somebody else too, I start
> thinking that the installer's interface sucks ... badly!

I agree. However, as far as I can tell this is entirely an Ubuntu 
problem, not a cryptsetup problem.  It is also easy to avoid, as 
they could be checking for an existing LUKS header and ask you 
whether you are really, really sure you want to kill it.  Or 
offering to just integrate the existing partition. 

I guess the installer is using --batch-mode which disables any 
checks and questions cryptsetup would do. If you kill your 
LUKS partition with cryptsetup, you have to go through this
R gatewagner:~/f/luks# cryptsetup luksFormat /dev/loop0

This will overwrite data on /dev/loop0 irrevocably.

Are you sure? (Type uppercase yes): YES

That should be enough warning, I believe.

> I assume there is no way to recover the original file system. Ubuntu has
> most likely overwritten the LUKS header where the pretious salt is being
> stored. The unencrypted disk most likely looks like random data now.
> According to the FAQ [1], you can still resort to the dm-crypt
> mailing-list to get over the five stages of grief.

This may sound like sarcasm, but it is not. I wrote that and I 
realize the pain is real. This passage however serves a dual 
purpose and the second one is to warn people.
> A posteriori, I cannot help wonder why such pretious information isn't
> kept redundantly. 

The FAQ discusses this. It is a design-choice as keeping the
header redundantly lowers security significantly. There is
really no way to keep a backup header without making the
anti-forensic measures ineffective. 

> Surely LUKS could have stored the header in 10 random
> sectors with an easy-to-grep "HERE I AM" banner. Wouldn't this allow
> users to recover the master-key (and part of the file-system) without
> compromising security?

No. Sorry. One case when you wipe the header intentionally is when
your passphrase gets compromised. If the header is in some random 
sectors, you a) would have to remember where it is (making a header
backup is not harder than that) and b) an atacker yould just try
all sectors. Not that much effort.

So, While I am sorry you people got hit by a serious design and 
implementation problem in the Ubuntu installer, the design of
LUKS is not at fault here.

If I find where to complain, I may file an Ubuntu bug report. 
However I do not use Ubuntu. What versions do have this broken

> Cristi.
> P.S. Could anybody donate 2^256 CPU-seconds?
> P.S.2. What stage of grief am I in? :D

Denial/Anger, but you are trying to compensate with humour. Good!
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno at wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier 

More information about the dm-crypt mailing list