[dm-crypt] LVM on LUKS: volumes missing
arno at wagner.name
Sat Jun 4 10:06:36 CEST 2016
On Sat, Jun 04, 2016 at 00:46:53 CEST, Robert Nichols wrote:
> On 06/03/2016 04:42 PM, Arno Wagner wrote:
> >One thing is that these problems are pretty hard to debug.
> >Another is that LVM massively complicates things.
> >Now, if the LUKS container opens cleanly, anything
> >in it should be decrypted correctly (if it is LVM
> >atop of LUKS) and decryption with the wrong key is
> >not actually a possibility.
> >That also means you should be able to use LVM
> >recovery techniques (I assume they exist) on this.
> >Unfortunately, I cannot help you with LVM as I do not use
> >it. I consider it a badly engineered, overly complicated
> >thing that decreases reliablity and makes problem
> >diagnostics very hard.
> If the ASCII strings "LABELONE" and "LVM2" cannot be seen in the
> first few sectors of the volume, then that volume is either
> overwritten or not being decrypted correctly. LVM keeps quite a bit
> of easily recognized ASCII data in the volume header.
> In this case the fragile link seems to be the LUKS detached header,
> as I believe there is nothing to associate that header with a device
> and precise starting point for the payload. Yes, there is a check
> that the master key was reconstructed correctly. Now the question is
> what, if anything, does this key decrypt.
That is the one thing with a detached header: As the sector
number goes into the decryption, decryption must start at the
right place. If it does, it will becorrect with LUKS. If not,
"random" data should result with XTS mode, I agree.
Now, in theory it would be possible to try each possible offset
from the start of the device (depends on how the partition
for the LUKS container was created), until some (later) part
of the decrypted data has some deviation from uniform
distribution in byte-counts.
Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno at wagner.name
GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718
A good decision is based on knowledge and not on numbers. -- Plato
If it's in the news, don't worry about it. The very definition of
"news" is "something that hardly ever happens." -- Bruce Schneier
More information about the dm-crypt