[dm-crypt] Basics

Michael Kjörling michael at kjorling.se
Sat Sep 26 00:24:10 CEST 2015

On 25 Sep 2015 23:48 +0200, from promike1987 at gmail.com (Mike Nagie):
> I'll probably use this command:
> cryptsetup -v --cipher aes-xts-plain64 --key-size 512 --hash sha512 (or 
> an other one I haven't decided yet) --iter-time (about) 2000 (I'm 
> generous, about 2 secs seems fine) --use-random

Looks reasonable, except you forgot to pass "luksFormat" and a device
to cryptsetup, so it won't know what to do with the rest. :-) (Oh, and
note that as discussed here previously, the problems with SHA-1
leading to its current sunsetting don't affect its usage in LUKS. In
fact, I'd expect that for LUKS' purposes, even MD5 would still be a
secure choice, if perhaps somewhat... unusual.)

If you want additional security against forensic analysis, a good
strategy might be to set up a LUKS container with a throwaway
passphrase and key, and then "dd" or "ddrescue" zeroes into it, then
create your real LUKS container in place of the throwaway one. That
will ensure that any remnants of old data are gone, and will prevent
forensic analysis based around which parts of the container appear to
hold encrypted data. In other words:

cryptsetup luksFormat /dev/something
cryptsetup luksOpen /dev/something dummy
dd if=/dev/zero of=/dev/mapper/dummy bs=1M
cryptsetup luksClose dummy
cryptsetup luksFormat ... the real deal goes here ...
cryptsetup luksOpen /dev/something the_real_deal
... now make a file system on /dev/mapper/the_real_deal and start using it ...

Note that the "dd" will take many hours to complete on large drives.
Given that you have a 1 TiB drive and assuming it's a 7200 rpm drive,
I would expect that to take about 3-4 hours if you give LUKS the whole
drive and assuming that there are no other disk accesses going on
concurrently. Using GNU ddrescue instead will provide you with a nice,
continually updated progress report, but effectively does the same
thing. The all-zeroes will be encrypted and on the next luksFormat the
key will be overwritten, resulting in unused portions of the drive
looking like random garbage to anyone looking.

Michael Kjörling • https://michael.kjorling.semichael at kjorling.se
OpenPGP B501AC6429EF4514 https://michael.kjorling.se/public-keys/pgp
                 “People who think they know everything really annoy
                 those of us who know we don’t.” (Bjarne Stroustrup)

More information about the dm-crypt mailing list