[dm-crypt] Non-standard cipher mode

Milan Broz gmazyland at gmail.com
Wed Dec 18 18:15:50 CET 2013

On 12/18/2013 05:13 PM, Arno Wagner wrote:
> DO NOT EDIT THE HEADER. This will make your LUKS container
> inaccessible until you reverse the changes. What you now
> have is an aes-xts-plain64:sha512 container. You do not have
> ESSIV anywhere in there, XTS is an alternative to CBC-ESSIV.
> That said, if you want aother cipher or mode, easiest way is 
> to re-create the container. A bit harder and risky without 
> backup is to use Milan's reencryption tool.

Well, I fully agree.. but this case is kind of special.

The dmcrypt plain64 IV doesn't take additional arguments
(kernel should probably not allow to use them and not silently
ignore it...) so plain64 is exactly the same as plain64:sha512.

So properly editing header should help, but you have to be very
careful. (Use backup file, allow write access to it and edit
in some good hexa editor and restore it). Eveb one bit mistake
in keyslot area and your data are gone...

Really, if you can recreate whole device it could be better.
(Reecryption using cryptsetup-reencrypt is an option as well,
but it will take long time.)


> Arno
> On Wed, Dec 18, 2013 at 12:45:39 CET, FLD wrote:
>> I accidentally created a luks container using option --cipher
>> aes-xts-plain64:sha512. Everything seems to be working correctly and
>> luksDump shows: "Cipher mode:    xts-plain64:sha512". I wonder if I
>> should hexedit the header manually and replace the ":sha512" part with
>> nulls since the proper format would be just "xts-plain64" since the
>> cipher does not need a hash for the ESSIV?
>> _______________________________________________
>> dm-crypt mailing list
>> dm-crypt at saout.de
>> http://www.saout.de/mailman/listinfo/dm-crypt

More information about the dm-crypt mailing list