[dm-crypt] encryption of single files using cryptsetup ala gpg -c

.. ink .. mhogomchungu at gmail.com
Tue May 8 22:28:22 CEST 2012

most people( according to google search ) seem to use gpg command to
encrypt a single file in linux with a passphrase.

I just added the ability to encrypt a single file like gpg in zulucrypt
using cryptsetup,currently in plain format.

The current implementation adds a 512 byte header to the encrypted file to
store information about the plain data length to work around padding issues
if the data that is to be encrypted is not a multiple of 512. The header is
also encrypted with the load so the only way to read the header is to first
decrypt the encrypted file with the correct passphrase.

Like somebody said in one of the previous discussions on plain volumes,the
only way to know a correct passphrase was used when decrypting a plain
volume is to check in the  decrypted data for something that is known to be
there from the original data.

The question i am asking is, is it possible to write some information in
the header in a way that will tell me the decrypting key is the same as the
encrypting key?

One solution i came up with is to write the same random 100 byte data read
from "/dev/urandom" to offse 100t and offset 200 when encrypting the file.
One decryption,the these two offsets are memcmp and an assumption is made
that the key is the same if they match. Will this work? With plain volumes,
if two chunks of 100 bytes are known to be the same at encryption. Will tey
always be different if decryption is done with a different key?

Another solution is to write the first 100 bytes of the key in the header
at a specified offset and then compare ithe offset against the key used in
decryption. If they match,then an assumption is made that the decryption
keys are the same since there is recognizable pattern.

can somebody come with a better solution?

I already store plain text data load length in the header and i know the
encrypted file will be larger that plain text file by a number >= 512 and <
1024. I can use this knowledge to check if the decryption key is correct
but i am looking for a more "standardized way".

The current implementation can is at:
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.saout.de/pipermail/dm-crypt/attachments/20120508/262b9413/attachment.html>

More information about the dm-crypt mailing list