[dm-crypt] Questions on LUKS

Michael Kjörling michael at kjorling.se
Sat Sep 24 10:38:27 CEST 2016

On 21 Sep 2016 12:09 +0000, from eruiz03 at harris.com (Ruiz, Edwin):
> 1.       When LUKS is applied to a partition of a drive, is
> decrypted data only stored in memory and never written back to the
> drive (unencrypted).

LUKS does not re-write decrypted data to the disk; doing so would
defeat its purpose, and would also require things like keeping track
of which data is encrypted and which is decrypted on disk (which there
is no room for). As a consequence, a LUKS container is always fully
encrypted with a single encryption key (even if it is not, it is
treated as such), and that encryption key is protected by the various
key slot passphrases.

That said, _other_ system components or software may write out data in
decrypted form (because that's how it appears to them), but that is
beyond the scope of LUKS. You can mitigate this by ensuring that all
writable locations within the file system are backed either by RAM
(thus having the same data remanence properties as LUKS itself) or by
encrypted containers on persistent storage.

Make sure your swap, if any, is also encrypted, preferably with a
random key regenerated on each boot. That gives swap similar data
remanence properties to the RAM that holds the key while the system is

> 3.       What are the implications of a system that is shut down
> (powerloss, critical failure, etc.) without the command "lucksClose"
> issued to an encrypted device?

Should be none in particular. The purpose of luksClose is basically to
clear the key material from RAM and tear down the device mapper
bindings. If the system is shutting down anyway, doing that or not
doesn't really change much in the grand scheme of things; luksClose is
largely a housekeeping operation.

By not having done a luksClose or luksSuspend before the shutdown, it
is _possible_ that key material might remain in RAM after power-off,
and it is _possible_ that this might allow for a cold boot attack.
That, however, is something that LUKS by itself cannot really protect
against. A lockable case with a decent locking mechanism will mitigate
against this threat; by the time an adversary can get the case open
sufficiently to gain access to the RAM modules, in or above room
temperature, RAM data remanence _should not_ be a major concern.

Michael Kjörling • https://michael.kjorling.semichael at kjorling.se
                 “People who think they know everything really annoy
                 those of us who know we don’t.” (Bjarne Stroustrup)

More information about the dm-crypt mailing list