Dm-crypt

From NovaOrdis Knowledge Base
Revision as of 09:50, 24 December 2018 by Ovidiu (talk | contribs)
Jump to navigation Jump to search

External

Internal

Overview

dm-crypt is standard device mapper encryption functionality provided by the Linux kernel. The management of dm-crypt is done with cryptsetup userspace utility. dm-crypt allows for the following block-device encryption modes: LUKS and plain.

How Encryption Works

https://wiki.archlinux.org/index.php/disk_encryption#How_the_encryption_works

For the purpose of encryption, each block device is divided into sectors of equal length. The encryption/decryption happens on a per-sector basis - the nth sector of the block device on disk will store the encrypted version of the nth of the original data. Whenever the operation system or an application requests a certain fragment of data from the encrypted block device, the whole sector or sectors that contain the data will be read from the block device, decrypted on-the-fly and temporarily stored in memory. Similarly, on each write operation, all sectors that are affected must be re-encrypted completely, while the rest of the sector remain untouched.

The disk encryption system needs to know a unique secret key, named master key, to encrypt/decrypt the data. The entropy of the key is important for the security of the encryption. A randomly generated 32-byte (256-bit) key is appropriate, but it is not feasible to remember and apply manually during the mount. There are two techniques to address this limitation:

  • Use a shorter, human-friendly passphrase and an encryption algorithm to protect a master key with appropriate entropy. The passphrase-protected master key can be stored on the encrypted disk itself. This is known as "key stretching", where the passphrase is turned into an enhanced passphrase via a key derivation function; the passphrase is then used to encrypt/decrypt the actual master key.
  • Create a key file with high entropy and store it on a medium separate from the data drive to be encrypted. Such a key file can be place on an USB drive kept in a secure location and only connected to the computer during the mount phase of the encrypted disk.

Block-Device Encryption Types

LUKS

LUKS dm-crypt mode, used by default, is an additional convenience layer that stores all of the needed setup information for dm-crypt on the encrypted disk itself and abstracts partition and key management in an attempt to improve ease of use and cryptographic security. With LUKS, encryption is implemented in kernel space.

LUKS is the de-facto standard for block device encryption. The corresponding kernel modules are already shipped with the default kernel. It supports the following cyphers: AES, Anubis, CAST5/6, Twofish, Serpent, Camellia, Blowfish.

It has support for multiple and independently revokable keys for the same encrypted data.

plain

"plain" dm-crypt mode is the original kernel functionality and does not employ the convenience layer.

TrueCrypt

/dev/mapper

/dev/mapper contains, among other things, the dm-crypt encrypted volumes.

/etc/crypttab

/etc/crypttab describes encrypted block devices that are setup during system boot. Empty lines and lines starting with the "#" character are ignored. Each of the remaining lines describes one encrypted block device, fields on the line are delimited by white space. The first two fields are mandatory, the remaining two are optional.

The first field contains the name the encrypted device will be exposed under /dev/mapper. The second field contains the path to the underlying block device of file, or a specification of a block device with "UUID=...". The third field contains the encryption password. If the field is not present or the password is set to "none" or "-", the password has to be manually entered during system boot. Otherwise, the field is interpreted as an absolute path to a file containing the encryption password. The fourth field, if present, is a comma-delimited list of options. Interesting options:

  • timeout= specifies the timeout for querying for a password. If no unit is specified, seconds is implied. Supported units are s, ms, us, min, h, d. A timeout of 0 waits indefinitely. The default is about 10 seconds to start typing.

In case the timeout is not honored if the encrypted filesystem is supposed to be mounted at boot and systemd takes over. For a solution for this problem see /etc/fstab: /dev/mapper/cr_myprivate /myprivate xfs nofail,x-systemd.device-timeout=15 0 2.

More details about options can be obtained with:

man crypttab

Example:

#
# /etc/crypttab example
#

rackstationb /dev/sdb - timeout=0

cryptsetup

cryptsetup is the userspace utility used to manage the dm-crypt encryption functionality. More details:

man cryptsetup

cryptsetup Operations

cryptsetup Operations

Operations

cryptsetup Operations