[dm-crypt] Query on validating cryptsetup

Milan Broz gmazyland at gmail.com
Sun Oct 7 21:50:46 CEST 2012

On 10/03/2012 07:28 PM, Abhishek Tiwari wrote:
> I am trying to use cryptsetup for an SD card. I create the crypto
> mapper device and write a file to it. For the purpose of validation,
> I am using a fixed key "11111111" as passphrase. Then I tried to see
> the contents of this SD card using a reader and WinHex. Unfortunately
> these contents do not match with an encrypted copy of same file that
> was encrypted using this online DES encryption tool: 
> http://www.tools4noobs.com/online_tools/encrypt/ I specified
> algorithm as DES and mode as CBC.

Well, if it is real use, never use DES, it is no longer secure enough.

But for learning crypto this can be nice exercise.

First, note difference in CBC encryption for the whole file
and with dm-crypt.

For dmcrypt, it uses CBC per sector, restarting for every sector with
defined IV. (Sectors are encrypted independently.)
So you cannot compare more than one sector of ciphertext - 512 bytes
with tool above.

- in that PHP tool, I entered "11111111" as key
(note it is string, so it translates to 0x31,0x31,0x31,0x31,0x31,0x31,0x31,0x31)
- plaintext "test1234test5678" (2x DES 8-bytes blocks to see CBC for second block)
- encryption is DES, mode CBC, output hexa
- note php mcrypt_encrypt uses zeroed IV if not specified

So, this will get ciphertext: b43b364065cdf4571a92ba2daecaf2ff

Now, the same with cryptsetup:

- prepare keyfile
  # echo -n "11111111">keyfile

- configure cryptsetup, null is zeroed IV. Note that for keyfile there is
  no hashing (exactly what we need - directly use key form file).
  # cryptsetup -c des-cbc-null --key-size=64 --key-file=keyfile create test /dev/sdb

- you can verify what key is really used (key is 5th parameter in hexa)
  # dmsetup table --showkeys test
  0 417792 crypt des-cbc-null 3131313131313131 0 8:16 0

- write plaintext
  # echo -n "test1234test5678" >/dev/mapper/test

- flush underlying device cache to be sure we read new data (or remove dmcrypt mapping)
  # blockdev --flushbufs /dev/sdb

- and check ciphertext
  # hexdump -C -n 16 /dev/sdb
  00000000  b4 3b 36 40 65 cd f4 57  1a 92 ba 2d ae ca f2 ff  |.;6 at e..W...-....|

For me, it looks like it is the same ;-)


More information about the dm-crypt mailing list