LUKS: Difference between revisions

Revision as of 05:09, 3 August 2020

LUKS encryption

Getting Started

See Archwiki: dm-crypt/Device encryption.

Encrypting a device

Setup encryption

cryptsetup -v --type luks1 --cipher aes-xts-plain64 --key-size 512 --hash sha512 \
           --iter-time 5000 --use-urandom --verify-passphrase luksFormat <device>

Open encrypted drive

cryptsetup open <device> <name>

Create a partition

mkfs.fstype /dev/mapper/<name>
# E.g.
# mkfs.ext4 /dev/mapper/luksdrive1

Securely wipe the unused portion of the drive
- Do this to prevent cryptographic attacks and to overwrite existing data on the drive

dd if=/dev/zero of=<file_somewhere> status=progress
# Delete the file afterwards

Notes

You can see defaults using cryptsetup --help.
--type options
- luks defaults to luks1 on cryptsetup < 2.1.0, luks2 on cryptsetup >= 2.1.0
- luks1 is the standard version of LUKS.
- luks2 is a new version released in Dec 2017. Older versions of Grub (before 2.06 or June 2020) do not support booting from LUKS2.
- plain is dm-crypt plain mode. Avoid this unless you know what you're doing.
- loopaes Avoid this as well.
- tcrypt Use this for mounting older truecrypt volumes.

defaults

defaults on Ubuntu 18.04

Default compiled-in device cipher parameters:
	loop-AES: aes, Key 256 bits
	plain: aes-cbc-essiv:sha256, Key: 256 bits, Password hashing: ripemd160
	LUKS1: aes-xts-plain64, Key: 256 bits, LUKS header hashing: sha256, RNG: /dev/urandom

Mounting

# Open the encrypted drive
cryptsetup open <device> <name>
# Mount your partition
mount -t <fstype> /dev/mapper/<name> <mountlocation>

Unmounting

# Unmount your partition
umount <mountlocation>
# Close the decrypted drive
cryptsetup close <name>

Benchmark

cryptsetup benchmark

Example Output

# Tests are approximate using memory only (no storage IO).
PBKDF2-sha1      1213629 iterations per second for 256-bit key
PBKDF2-sha256    1524093 iterations per second for 256-bit key
PBKDF2-sha512    1082121 iterations per second for 256-bit key
PBKDF2-ripemd160  648069 iterations per second for 256-bit key
PBKDF2-whirlpool  421453 iterations per second for 256-bit key
argon2i       4 iterations, 875179 memory, 4 parallel threads (CPUs) for 256-bit key (requested 2000 ms time)
argon2id      4 iterations, 889195 memory, 4 parallel threads (CPUs) for 256-bit key (requested 2000 ms time)
#     Algorithm |       Key |      Encryption |      Decryption
        aes-cbc        128b       542.7 MiB/s      2192.7 MiB/s
    serpent-cbc        128b        67.3 MiB/s       459.9 MiB/s
    twofish-cbc        128b       140.6 MiB/s       285.8 MiB/s
        aes-cbc        256b       405.3 MiB/s      1701.8 MiB/s
    serpent-cbc        256b        71.6 MiB/s       459.5 MiB/s
    twofish-cbc        256b       146.6 MiB/s       287.1 MiB/s
        aes-xts        256b      1421.6 MiB/s      1449.2 MiB/s
    serpent-xts        256b       455.9 MiB/s       444.0 MiB/s
    twofish-xts        256b       284.2 MiB/s       286.3 MiB/s
        aes-xts        512b      1187.2 MiB/s      1177.9 MiB/s
    serpent-xts        512b       454.7 MiB/s       446.1 MiB/s
    twofish-xts        512b       284.9 MiB/s       286.5 MiB/s

Adiantum

If you're running a device which does not support AES instructions (e.g. Raspberry Pi), you may be interested in Adiantum^[1].
Adiantum is an encryption mode by Google which uses ChaCha12 for block encryption. It is included in Linux kernel v5.0.

Creation

cryptsetup -v --type luks2 --cipher xchacha12,aes-adiantum --sector-size 4096 \
           --key-size 256 --hash sha512 --iter-time 5000 --use-urandom \
           --verify-passphrase luksFormat <device>

Benchmark^[2]

cryptsetup benchmark -c xchacha12,aes-adiantum -s 512

Scripts

mount_drives.sh

unmount_drives.sh

Resources

nixCraft How To Linux Hard Disk Encryption With LUKS

References

↑ Google Blog: Introducing Adiantum: Encryption for the Next Billion Users https://security.googleblog.com/2019/02/introducing-adiantum-encryption-for.html
↑ https://www.reddit.com/r/crypto/comments/b3we04/aesadiantum_new_mode_in_linux_kernel_5/

[adiantum-1] Google Blog: Introducing Adiantum: Encryption for the Next Billion Users https://security.googleblog.com/2019/02/introducing-adiantum-encryption-for.html

[2] ttps://www.reddit.com/r/crypto/comments/b3we04/aesadiantum_new_mode_in_linux_kernel_5/

[1]

[2]

@@ Line 100: / Line 100: @@
 ==Adiantum==
 If you're running a device which does not support AES instructions (e.g. Raspberry Pi), you may be interested in Adiantum<ref name="adiantum">Google Blog: Introducing Adiantum: Encryption for the Next Billion Users [https://security.googleblog.com/2019/02/introducing-adiantum-encryption-for.html https://security.googleblog.com/2019/02/introducing-adiantum-encryption-for.html]</ref>.
-Adiantum
+Adiantum is an encryption mode by Google which uses ChaCha12 for block encryption.
+It is included in Linux kernel v5.0.
 ;Creation
@@ Line 155: / Line 156: @@
 ==Resources==
 * [https://www.cyberciti.biz/hardware/howto-linux-hard-disk-encryption-with-luks-cryptsetup-command/ nixCraft How To Linux Hard Disk Encryption With LUKS]
+==References==