[dm-crypt] plain: opening with a wrong password
arno at wagner.name
Sun Feb 8 10:23:34 CET 2015
On Sun, Feb 08, 2015 at 09:19:54 CET, Heinz Diehl wrote:
> On 08.02.2015, Matthias Schniedermeyer wrote:
> > > You need something to compare the passphrase to, and that's the hash.
> > > How would you check the validity of the entered passphrase otherwise?
> > > A plain text comparison is obviously impossible.
> > With Plain the password can't be verified, the dm-crypt device is setup
> > and if the password was wrong, the "decrypted" device contains garbage.
> > Containers usually have a means to test if the password is correct,
> > plain does not.
> I tried to keep it simple in my example. Although you're (of course) right, I
> didn't write about "plain encryption" or "plain dmcrypt", but plain text
> comparison, in order to explain why there is the need for e.g. a hash.
> As you point out, with plain dmcrypt the only possibility is actually
> using the password and checking if the "decrypted" data based on it
> makes any sense.
Form a purely practical perspective, the difference usually negligible.
Wile plain dm-crypt mounting fails at the mount-stage due to wrong
filesystem signatures, LUKS mounting fails at the decrypt stage.
>From an attacker's perspecive, the difference is also small, except
that all the iteration in LUKS adds a massive amount of computational
effort. The data in the LUKS header does not help the attacker at all.
It does take a look at the details (as so often in crypto protocols)
to see that though.
Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno at wagner.name
GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718
A good decision is based on knowledge and not on numbers. -- Plato
If it's in the news, don't worry about it. The very definition of
"news" is "something that hardly ever happens." -- Bruce Schneier
More information about the dm-crypt