From linux-crypto-bounce@nl.linux.org Fri Apr 01 14:36:50 2005 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1DHLOJ-0005An-G1; Fri, 01 Apr 2005 14:36:47 +0200 Received: with ECARTIS (v1.0.0; list linux-crypto); Fri, 01 Apr 2005 14:36:06 +0200 (CEST) Received: from mailrelay1.bredband.net ([195.54.107.81]) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1DHLNU-00058u-K6 for linux-crypto@nl.linux.org; Fri, 01 Apr 2005 14:35:56 +0200 Received: from insula.localdomain (ua-83-227-221-136.cust.bredbandsbolaget.se [83.227.221.136]) by mailrelay1.bredband.net (Postfix) with ESMTP id B93C25080A8 for ; Fri, 1 Apr 2005 14:36:11 +0200 (CEST) Date: Fri, 1 Apr 2005 14:35:45 +0200 From: Gabriel =?ISO-8859-1?Q?J=E4genstedt?= To: linux-crypto@nl.linux.org Subject: Partitions on loopback Message-ID: <20050401143545.4bc20196@insula.localdomain> In-Reply-To: <20050330235650.GC12080@black-sun.demon.co.uk> References: <91a4537e34f7346374f29e04622fc834@evinrude> <87wts7y4vh.fsf@evinrude.uhoreg.ca> <87oedhx7aa.fsf@evinrude.uhoreg.ca> <87r7i749uc.fsf@evinrude.uhoreg.ca> <87sm2c7ra6.fsf@evinrude.uhoreg.ca> <20050330235650.GC12080@black-sun.demon.co.uk> X-Mailer: Sylpheed-Claws 1.0.3 (GTK+ 1.2.10; i386-pc-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Received-SPF: X-Spam-Status: No, score=0.0 required=5.0 tests=BAYES_50 autolearn=no version=3.0.1 X-Spam-Level: X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on humbolt.nl.linux.org X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: gabriel.j@telia.com Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Hi all! I've been spending several hours looking at ways to encrypt my computer. I've read the Disc Encryption HOWTO and loop-aes readme but can't find any information about how to partition up a loopback device with partitions larger than 2GB. I have understood this should be easier with kernel 2.6 but don't know anything more about it. Are there any comprehensive guides on partitioning a to be encrypted loopback device (device backed)? Or does anyone have any other tips? For the record all I really want is a disc that is 100% totally encrypted no partition tables showing or anything. - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Fri Apr 01 15:37:56 2005 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1DHMLT-0000Vw-6s; Fri, 01 Apr 2005 15:37:55 +0200 Received: with ECARTIS (v1.0.0; list linux-crypto); Fri, 01 Apr 2005 15:37:32 +0200 (CEST) Received: from mail.tnnet.fi ([217.112.240.26]) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1DHMKj-0000Qu-Uj for linux-crypto@nl.linux.org; Fri, 01 Apr 2005 15:37:09 +0200 Received: from localhost (localhost [127.0.0.1]) by mail.tnnet.fi (Postfix) with ESMTP id 1872727619D; Fri, 1 Apr 2005 16:37:00 +0300 (EEST) Received: from mail.tnnet.fi ([127.0.0.1]) by localhost (mail [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 27758-12; Fri, 1 Apr 2005 16:36:53 +0300 (EEST) Received: from armas (a64.adsl.tnnet.fi [217.112.242.64]) by mail.tnnet.fi (Postfix) with ESMTP id 1DCCD2C48F; Fri, 1 Apr 2005 16:36:53 +0300 (EEST) Received: from localhost ([127.0.0.1] helo=users.sourceforge.net) by armas with esmtp (Exim) id 1DHMKS-00017E-00; Fri, 01 Apr 2005 16:36:52 +0300 Message-ID: <424D4E74.7481464E@users.sourceforge.net> Date: Fri, 01 Apr 2005 16:36:52 +0300 From: Jari Ruusu X-Mailer: Mozilla 4.79 [en] (X11; U; Linux 2.4.22aa1r8 i686) X-Accept-Language: en MIME-Version: 1.0 To: Gabriel =?iso-8859-1?Q?J=E4genstedt?= Cc: linux-crypto@nl.linux.org Subject: Re: Partitions on loopback References: <91a4537e34f7346374f29e04622fc834@evinrude> <87wts7y4vh.fsf@evinrude.uhoreg.ca> <87oedhx7aa.fsf@evinrude.uhoreg.ca> <87r7i749uc.fsf@evinrude.uhoreg.ca> <87sm2c7ra6.fsf@evinrude.uhoreg.ca> <20050330235650.GC12080@black-sun.demon.co.uk> <20050401143545.4bc20196@insula.localdomain> Content-Type: text/plain; charset=iso-8859-1 X-Virus-Scanned: amavisd-new at mail.tnnet.fi Content-Transfer-Encoding: quoted-printable Received-SPF: X-Spam-Status: No, score=0.1 required=5.0 tests=AWL,BAYES_50 autolearn=no version=3.0.1 X-Spam-Level: X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on humbolt.nl.linux.org X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: jariruusu@users.sourceforge.net Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Gabriel J=E4genstedt wrote: > I've been spending several hours looking at ways to encrypt my computer= . > I've read the Disc Encryption HOWTO and loop-aes readme but can't find > any information about how to partition up a loopback device with > partitions larger than 2GB. I have understood this should be easier wit= h > kernel 2.6 but don't know anything more about it. loop-AES has supported 64 bit device offsets and sizelimits since Novembe= r 29 2003. No 2GB limit on 2.4 or 2.6 kernels. > Are there any comprehensive guides on partitioning a to be encrypted > loopback device (device backed)? Or does anyone have any other tips? >=20 > For the record all I really want is a disc that is 100% totally > encrypted no partition tables showing or anything. You can use unpartitioned device /dev/hda and set up loop devices using offset and sizelimit. If 'sfdisk -l -uS /dev/hda' says: Units =3D sectors of 512 bytes, counting from 0 Device Boot Start End #sectors Id System /dev/hda1 * 63 48194 48132 83 Linux /dev/hda2 48195 11245499 11197305 83 Linux /dev/hda3 11245500 12273659 1028160 82 Linux swap And if you were to set up above three partitions as encrypted loop device= s, then you could issue these losetup commands: losetup -e AES128 -K foo1.gpg -o @32256 -s 24643584 /dev/loop1 /de= v/hda losetup -e AES128 -K foo2.gpg -o @24675840 -s 5733020160 /dev/loop2 /de= v/hda losetup -e AES128 -K foo3.gpg -o @5757696000 -s 526417920 /dev/loop3 /de= v/hda Offset and sizelimit need to be specied in bytes. Offset is partition sta= rt * 512, and sizelimit is #sectors * 512. The @ character in front of offse= t is needed to remove the offset from IV computations. For encrypted root, you can specify -o and -s losetup options to build-initrd.sh script if you redefine the meaning of PSEED option. Like this: CRYPTROOT=3D/dev/hda PSEED=3D"-o @32256 -s 24643584" Normal file system mounts can use offset=3D and sizelimit=3D mount option= s in /etc/fstab file. Mount program understands them, but swapon program does not. So, for partition-table-less encrypted swap you must use losetup program with -o and -s options. --=20 Jari Ruusu 1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9 DB 1D EB E3 24 0E A9 = DD - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Sat Apr 02 00:18:07 2005 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1DHUSr-0006WD-7n; Sat, 02 Apr 2005 00:18:05 +0200 Received: with ECARTIS (v1.0.0; list linux-crypto); Sat, 02 Apr 2005 00:17:35 +0200 (CEST) Received: from mailrelay1.bredband.net ([195.54.107.81]) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1DHUS5-0006VQ-C4 for linux-crypto@nl.linux.org; Sat, 02 Apr 2005 00:17:17 +0200 Received: from insula.localdomain (ua-83-227-221-136.cust.bredbandsbolaget.se [83.227.221.136]) by mailrelay1.bredband.net (Postfix) with ESMTP id D6A035080BC for ; Sat, 2 Apr 2005 00:17:32 +0200 (CEST) From: Gabriel =?ISO-8859-1?Q?J=E4genstedt?= To: linux-crypto@nl.linux.org Subject: Re: Partitions on loopback In-Reply-To: <424D4E74.7481464E@users.sourceforge.net> References: <91a4537e34f7346374f29e04622fc834@evinrude> <87wts7y4vh.fsf@evinrude.uhoreg.ca> <87oedhx7aa.fsf@evinrude.uhoreg.ca> <87r7i749uc.fsf@evinrude.uhoreg.ca> <87sm2c7ra6.fsf@evinrude.uhoreg.ca> <20050330235650.GC12080@black-sun.demon.co.uk> <20050401143545.4bc20196@insula.localdomain> <424D4E74.7481464E@users.sourceforge.net> X-Mailer: Sylpheed-Claws 1.0.3 (GTK+ 1.2.10; i386-pc-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Message-Id: <20050401221732.D6A035080BC@mailrelay1.bredband.net> Date: Sat, 2 Apr 2005 00:17:32 +0200 (CEST) Received-SPF: X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on humbolt.nl.linux.org X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=BAYES_50 autolearn=no version=3.0.1 X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: gabriel.j@telia.com Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Thanks for your help.. Could I just ask why you gave different keys for each device? Oh and why is the first partition starting at sector 63? On Fri, 01 Apr 2005 16:36:52 +0300 Jari Ruusu wrote: > Gabriel J=E4genstedt wrote: > > I've been spending several hours looking at ways to encrypt my > > computer. I've read the Disc Encryption HOWTO and loop-aes readme > > but can't find any information about how to partition up a loopback > > device with partitions larger than 2GB. I have understood this > > should be easier with kernel 2.6 but don't know anything more about > > it. >=20 > loop-AES has supported 64 bit device offsets and sizelimits since > November 29 2003. No 2GB limit on 2.4 or 2.6 kernels. >=20 > > Are there any comprehensive guides on partitioning a to be encrypted > > loopback device (device backed)? Or does anyone have any other tips? > >=20 > > For the record all I really want is a disc that is 100% totally > > encrypted no partition tables showing or anything. >=20 > You can use unpartitioned device /dev/hda and set up loop devices > using offset and sizelimit. If 'sfdisk -l -uS /dev/hda' says: >=20 > Units =3D sectors of 512 bytes, counting from 0 > Device Boot Start End #sectors Id System > /dev/hda1 * 63 48194 48132 83 Linux > /dev/hda2 48195 11245499 11197305 83 Linux > /dev/hda3 11245500 12273659 1028160 82 Linux swap >=20 > And if you were to set up above three partitions as encrypted loop > devices, then you could issue these losetup commands: >=20 > losetup -e AES128 -K foo1.gpg -o @32256 -s 24643584 /dev/loop1 > /dev/hda losetup -e AES128 -K foo2.gpg -o @24675840 -s 5733020160 > /dev/loop2 /dev/hda losetup -e AES128 -K foo3.gpg -o @5757696000 -s > 526417920 /dev/loop3 /dev/hda >=20 > Offset and sizelimit need to be specied in bytes. Offset is partition > start * 512, and sizelimit is #sectors * 512. The @ character in front > of offset is needed to remove the offset from IV computations. >=20 > For encrypted root, you can specify -o and -s losetup options to > build-initrd.sh script if you redefine the meaning of PSEED option. > Like this: >=20 > CRYPTROOT=3D/dev/hda > PSEED=3D"-o @32256 -s 24643584" >=20 > Normal file system mounts can use offset=3D and sizelimit=3D mount options > in /etc/fstab file. Mount program understands them, but swapon program > does not. So, for partition-table-less encrypted swap you must use > losetup program with -o and -s options. >=20 > --=20 > Jari Ruusu 1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9 DB 1D EB E3 24 0E > A9 DD >=20 > - > Linux-crypto: cryptography in and on the Linux system > Archive: http://mail.nl.linux.org/linux-crypto/ >=20 --- //gabriel - a true believer - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Sat Apr 02 02:20:26 2005 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1DHWNF-00044e-Ec; Sat, 02 Apr 2005 02:20:25 +0200 Received: with ECARTIS (v1.0.0; list linux-crypto); Sat, 02 Apr 2005 02:20:07 +0200 (CEST) Received: from [2002:425c:4d62::1] (helo=imladris.surriel.com) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1DHWL1-0003rM-7j for linux-crypto@nl.linux.org; Sat, 02 Apr 2005 02:18:07 +0200 Received: from [127.0.0.1] (helo=localhost) by imladris.surriel.com with esmtp (Exim 4.43) id 1DHWL0-0006Oj-2J for linux-crypto@nl.linux.org; Fri, 01 Apr 2005 19:18:06 -0500 Date: Fri, 1 Apr 2005 19:16:22 -0500 (EST) From: Rik van Riel To: Hubert Chan cc: linux-crypto@nl.linux.org Subject: Re: Somebody stop the junk mail! In-Reply-To: <87mzsk7g5t.fsf@evinrude.uhoreg.ca> Message-ID: References: <91a4537e34f7346374f29e04622fc834@evinrude> <87wts7y4vh.fsf@evinrude.uhoreg.ca> <87oedhx7aa.fsf@evinrude.uhoreg.ca> <87r7i749uc.fsf@evinrude.uhoreg.ca> <87sm2c7ra6.fsf@evinrude.uhoreg.ca> <87mzsk7g5t.fsf@evinrude.uhoreg.ca> X-spambait: aardvark@kernelnewbies.org X-spammeplease: aardvark@nl.linux.org MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII ReSent-Date: Fri, 1 Apr 2005 19:18:01 -0500 (EST) ReSent-From: Rik van Riel ReSent-To: linux-crypto@nl.linux.org ReSent-Subject: Re: Somebody stop the junk mail! ReSent-Message-ID: X-Spam-Level: X-Spam-Status: No, score=-4.6 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham version=3.0.1 X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on humbolt.nl.linux.org X-Approved-By: riel@nl.linux.org X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: riel@surriel.com Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto On Wed, 30 Mar 2005, Hubert Chan wrote: > Rik> Would it be acceptable to have a "self whitelisting" system here - > Rik> ie. a "mailing list" that people can subscribe to, but not post to, > Rik> and subscribers from that silent list would be allowed to post to > Rik> the linux-crypto list ? > > That would be fine with me. I guess if nobody complains about this, we > can go ahead with this. OK, I've set up this list, trustedpost@nl.linux.org. Note that you can not send any email to this list - its only use is to automatically be approved to send mail to any of the members-only mailing lists on nl.linux.org. You can subscribe like this: $ echo subscribe | mail trustedpost-request@nl.linux.org > Rik> Any volunteers ? > > I wouldn't mind helping out. Although I probably wouldn't be able to > take it all on (e.g. I may be out of town at some points). > > The amount of spam that actually does get through doesn't seem to be > that much (and after we close the list, that should get rid of the guy > who's using the list address to sign up for various things), so my guess > is that this should only require a couple other people. Indeed. Lets see how the "trustedpost" thing works out, and then we can look at the other measures. If you read via gmane or another source, and want to post to the list without subscribing - just add yourself to trustedpost and you'll be able to send mail to the list just fine. -- "Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it." - Brian W. Kernighan - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Sat Apr 02 11:03:19 2005 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1DHeXE-0006Tr-Tv; Sat, 02 Apr 2005 11:03:16 +0200 Received: with ECARTIS (v1.0.0; list linux-crypto); Sat, 02 Apr 2005 11:02:47 +0200 (CEST) Received: from [217.112.240.26] (helo=mail.tnnet.fi) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1DHeWS-0006Ns-Hh for linux-crypto@nl.linux.org; Sat, 02 Apr 2005 11:02:28 +0200 Received: from localhost (localhost [127.0.0.1]) by mail.tnnet.fi (Postfix) with ESMTP id 5021D1902FF; Sat, 2 Apr 2005 12:02:07 +0300 (EEST) Received: from mail.tnnet.fi ([127.0.0.1]) by localhost (mail [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 17101-12; Sat, 2 Apr 2005 12:02:00 +0300 (EEST) Received: from armas (a64.adsl.tnnet.fi [217.112.242.64]) by mail.tnnet.fi (Postfix) with ESMTP id 45AD12F231; Sat, 2 Apr 2005 12:00:57 +0300 (EEST) Received: from localhost ([127.0.0.1] helo=users.sourceforge.net) by armas with esmtp (Exim) id 1DHeUy-0001cw-00; Sat, 02 Apr 2005 12:00:56 +0300 Message-ID: <424E5F48.A37509BA@users.sourceforge.net> Date: Sat, 02 Apr 2005 12:00:56 +0300 From: Jari Ruusu X-Mailer: Mozilla 4.79 [en] (X11; U; Linux 2.4.22aa1r8 i686) X-Accept-Language: en MIME-Version: 1.0 To: Gabriel =?iso-8859-1?Q?J=E4genstedt?= Cc: linux-crypto@nl.linux.org Subject: Re: Partitions on loopback References: <91a4537e34f7346374f29e04622fc834@evinrude> <87wts7y4vh.fsf@evinrude.uhoreg.ca> <87oedhx7aa.fsf@evinrude.uhoreg.ca> <87r7i749uc.fsf@evinrude.uhoreg.ca> <87sm2c7ra6.fsf@evinrude.uhoreg.ca> <20050330235650.GC12080@black-sun.demon.co.uk> <20050401143545.4bc20196@insula.localdomain> <424D4E74.7481464E@users.sourceforge.net> <20050401221732.D6A035080BC@mailrelay1.bredband.net> Content-Type: text/plain; charset=iso-8859-1 X-Virus-Scanned: amavisd-new at mail.tnnet.fi Content-Transfer-Encoding: quoted-printable Received-SPF: X-Spam-Status: No, score=0.1 required=5.0 tests=AWL,BAYES_50 autolearn=no version=3.0.1 X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on humbolt.nl.linux.org X-Spam-Level: X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: jariruusu@users.sourceforge.net Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Gabriel J=E4genstedt wrote: > Could I just ask why you gave different keys for each device? Because that provides better protection against identical ciphertexts. Identical ciphertexts using same encryption key are bad because they leak information. When sector data is encrypted or decrypted, position information within a partition or device is used in IV computation and in multi-key mode to al= so to select the encryption key. This provides reasonable guarantee that whe= n same data is written to more than one sectors, ciphertexts will be differ= ent and attacker observing ciphertexts can't find out what plaintext sectors contain identical data. If same key file is used to encrypt more than one file system, there is a danger that same data + same encryption key + sam= e position info will result in identical ciphertexts. Examples: (A) losetup -e AES128 -K foo1.gpg /dev/loop1 /dev/hda1 (B) losetup -e AES128 -K foo2.gpg /dev/loop2 /dev/hda2 (C) losetup -e AES128 -K foo3.gpg /dev/loop3 /dev/hda3 (D) losetup -e AES128 -K foo1.gpg -o @32256 -s 24643584 /dev/loop1= /dev/hda (E) losetup -e AES128 -K foo2.gpg -o @24675840 -s 5733020160 /dev/loop2= /dev/hda (F) losetup -e AES128 -K foo3.gpg -o @5757696000 -s 526417920 /dev/loop3= /dev/hda (G) losetup -e AES128 -K foo1.gpg -o 32256 -s 24643584 /dev/loop1 = /dev/hda (H) losetup -e AES128 -K foo2.gpg -o 24675840 -s 5733020160 /dev/loop2 = /dev/hda (I) losetup -e AES128 -K foo3.gpg -o 5757696000 -s 526417920 /dev/loop3 = /dev/hda In examples (A), (B), (C), (D), (E), and (F), first loop device sector is encrypted using position info 0, second sector using position info 512, third sector using position info 1024, and so on. In example (G) first lo= op device sector is encrypted using position info 32256, second sector using position info 32256+512, third sector using position info 32256+1024, and= so on. In example (H) first loop device sector is encrypted using position i= nfo 24675840, second sector using position info 24675840+512, third sector us= ing position info 24675840+1024, and so on. In example (I) first loop device sector is encrypted using position info 5757696000, second sector using position info 5757696000+512, third sector using position info 5757696000+1024, and so on. Examples (A), (B), (C), (D), (E), and (F) must use different key files to avoid identical ciphertexts. Examples (G), (H), and (I) can use same key file because they never use same position info for IV computation. > Oh and why is the first partition starting at sector 63? Because I losetup'ed file systems that were originally created as partitions, but this time using partitionless full device. Most disk partitioning software that uses MSDOS style partitions leaves first track of first cylinder as unused. That is because the Master-Boot-Record and partition table are in first sector of first cylinder. --=20 Jari Ruusu 1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9 DB 1D EB E3 24 0E A9 = DD - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Sat Apr 02 20:41:15 2005 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1DHnYX-00047p-0O; Sat, 02 Apr 2005 20:41:13 +0200 Received: with ECARTIS (v1.0.0; list linux-crypto); Sat, 02 Apr 2005 20:40:29 +0200 (CEST) Received: from mailrelay1.bredband.net ([195.54.107.81]) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1DHnXV-00045t-72 for linux-crypto@nl.linux.org; Sat, 02 Apr 2005 20:40:09 +0200 Received: from insula.localdomain (ua-83-227-221-136.cust.bredbandsbolaget.se [83.227.221.136]) by mailrelay1.bredband.net (Postfix) with ESMTP id B22DC5080F3 for ; Sat, 2 Apr 2005 20:40:24 +0200 (CEST) From: Gabriel =?ISO-8859-1?Q?J=E4genstedt?= To: linux-crypto@nl.linux.org Subject: Re: Partitions on loopback In-Reply-To: <424E5F48.A37509BA@users.sourceforge.net> References: <91a4537e34f7346374f29e04622fc834@evinrude> <87wts7y4vh.fsf@evinrude.uhoreg.ca> <87oedhx7aa.fsf@evinrude.uhoreg.ca> <87r7i749uc.fsf@evinrude.uhoreg.ca> <87sm2c7ra6.fsf@evinrude.uhoreg.ca> <20050330235650.GC12080@black-sun.demon.co.uk> <20050401143545.4bc20196@insula.localdomain> <424D4E74.7481464E@users.sourceforge.net> <20050401221732.D6A035080BC@mailrelay1.bredband.net> <424E5F48.A37509BA@users.sourceforge.net> X-Mailer: Sylpheed-Claws 1.0.3 (GTK+ 1.2.10; i386-pc-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Message-Id: <20050402184024.B22DC5080F3@mailrelay1.bredband.net> Date: Sat, 2 Apr 2005 20:40:24 +0200 (CEST) Received-SPF: X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on humbolt.nl.linux.org X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=BAYES_50 autolearn=no version=3.0.1 X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: gabriel.j@telia.com Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto Ahh.. I see. I was thinking in the lines of creating one big loopback device that could then be "partitioned" using the offset and size parameters. I think it would be quite nice if there could be no visible parts outside the system. I have a feeling that creating loopback devices directly from the hda would expose how big they are, which is not desirable. Maybe this is true if you first encrypt the entire drive as well. =20 losetup -e AES128 -K key.gpg -S -C 100 /dev/loop0 /dev/hda=20 (Why does noone use AES256? Isn't that more secure? Is there a big speed bump?) losetup -o @32256-s 1003451904 /dev/loop1 /dev/loop0 losetup -o @1003484160 -s 1003451904 /dev/loop2/ /dev/loop0 losetup -o @2006936064 -s 5000937984 /dev/loop3/ /dev/loop0 I though something like the above. This might not be advisable though? On Sat, 02 Apr 2005 12:00:56 +0300 Jari Ruusu wrote: > Gabriel J=E4genstedt wrote: > > Could I just ask why you gave different keys for each device? >=20 > Because that provides better protection against identical ciphertexts. > Identical ciphertexts using same encryption key are bad because they > leak information. >=20 > When sector data is encrypted or decrypted, position information > within a partition or device is used in IV computation and in > multi-key mode to also to select the encryption key. This provides > reasonable guarantee that when same data is written to more than one > sectors, ciphertexts will be different and attacker observing > ciphertexts can't find out what plaintext sectors contain identical > data. If same key file is used to encrypt more than one file system, > there is a danger that same data + same encryption key + same position > info will result in identical ciphertexts. >=20 > Examples: > (A) losetup -e AES128 -K foo1.gpg /dev/loop1 /dev/hda1 > (B) losetup -e AES128 -K foo2.gpg /dev/loop2 /dev/hda2 > (C) losetup -e AES128 -K foo3.gpg /dev/loop3 /dev/hda3 > (D) losetup -e AES128 -K foo1.gpg -o @32256 -s 24643584 =20 > /dev/loop1 /dev/hda (E) losetup -e AES128 -K foo2.gpg -o @24675840 =20 > -s 5733020160 /dev/loop2 /dev/hda (F) losetup -e AES128 -K foo3.gpg -o > @5757696000 -s 526417920 /dev/loop3 /dev/hda (G) losetup -e AES128 -K > foo1.gpg -o 32256 -s 24643584 /dev/loop1 /dev/hda (H) losetup > -e AES128 -K foo2.gpg -o 24675840 -s 5733020160 /dev/loop2 /dev/hda > (I) losetup -e AES128 -K foo3.gpg -o 5757696000 -s 526417920=20 > /dev/loop3 /dev/hda >=20 > In examples (A), (B), (C), (D), (E), and (F), first loop device sector > is encrypted using position info 0, second sector using position info > 512, third sector using position info 1024, and so on. In example (G) > first loop device sector is encrypted using position info 32256, > second sector using position info 32256+512, third sector using > position info 32256+1024, and so on. In example (H) first loop device > sector is encrypted using position info 24675840, second sector using > position info 24675840+512, third sector using position info > 24675840+1024, and so on. In example (I) first loop device sector is > encrypted using position info 5757696000, second sector using position > info 5757696000+512, third sector using position info 5757696000+1024, > and so on. >=20 > Examples (A), (B), (C), (D), (E), and (F) must use different key files > to avoid identical ciphertexts. Examples (G), (H), and (I) can use > same key file because they never use same position info for IV > computation. >=20 > > Oh and why is the first partition starting at sector 63? >=20 > Because I losetup'ed file systems that were originally created as > partitions, but this time using partitionless full device. Most disk > partitioning software that uses MSDOS style partitions leaves first > track of first cylinder as unused. That is because the > Master-Boot-Record and partition table are in first sector of first > cylinder. >=20 > --=20 > Jari Ruusu 1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9 DB 1D EB E3 24 0E > A9 DD >=20 > - > Linux-crypto: cryptography in and on the Linux system > Archive: http://mail.nl.linux.org/linux-crypto/ >=20 --- //gabriel - a true believer - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/ From linux-crypto-bounce@nl.linux.org Sat Apr 02 23:10:02 2005 Received: from localhost ([127.0.0.1] helo=humbolt) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1DHpsV-0006Ud-6l; Sat, 02 Apr 2005 23:09:59 +0200 Received: with ECARTIS (v1.0.0; list linux-crypto); Sat, 02 Apr 2005 23:09:42 +0200 (CEST) Received: from [2002:c7b5:6b60::1] (helo=versailles.domum.net) by humbolt.nl.linux.org with esmtp (Exim 4.22) id 1DHprt-0006Tc-RC for linux-crypto@nl.linux.org; Sat, 02 Apr 2005 23:09:22 +0200 Received: from localhost (localhost [127.0.0.1]) (uid 80) by versailles.domum.net with local; Mon, 21 Mar 2005 03:22:20 +0000 To: linux-crypto@nl.linux.org Subject: Msn a mais nova versao ja disponivel, Nao Perca From: msn@msn.com.br X-priority: 1 Received: from inter.net Received: from dot.net Message-ID: Date: Mon, 21 Mar 2005 03:22:20 +0000 Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-15 Content-Transfer-Encoding: quoted-printable X-Mime-Autoconverted: from 8bit to quoted-printable by courier 0.45.2 X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on humbolt.nl.linux.org X-Spam-Status: No, score=1.1 required=5.0 tests=ALL_TRUSTED,BAYES_99, DATE_IN_PAST_96_XX,NORMAL_HTTP_TO_IP,NO_REAL_NAME,PRIORITY_NO_NAME autolearn=no version=3.0.1 X-Spam-Level: * X-ecartis-version: Ecartis v1.0.0 Sender: linux-crypto-bounce@nl.linux.org Errors-to: linux-crypto-bounce@nl.linux.org X-original-sender: msn@msn.com.br Precedence: bulk List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: X-List-ID: List-subscribe: List-owner: List-post: List-archive: X-list: linux-crypto