[dm-crypt] Quick dm-crypt questions

Cpp tzornik at gmail.com
Tue Oct 28 10:15:22 CET 2014


I've got two questions about dm-crypt/LUKS.

- Does dm-crypt/LUKS employ any RAM anti-forensics? In particular,
what is the danger of a master key being "burnt-in" into the RAM, if a
certain container is mounted for an extended period of time (a few
years)? Is the master key being periodically moved around in RAM (this
acts like a screen-saver or rather a RAM-saver) or does it reside at a
static location after the container is mounted?

- Is it possible to separate the LUKS header from the encrypted data?
Normally when a partition is luksFormat-ted it will generate a LUKS
header on that partition at the very beginning of space. But I was
wondering, if it's possible to have only the encrypted data on the
partition, and move the LUKS header somewhere else i.e. a file on a
USB stick?

