LUKS: Difference between revisions
| Line 105: | Line 105: | ||
==Adiantum== | ==Adiantum== | ||
If you're running a device which does not support AES instructions (e.g. Raspberry Pi), you may be interested in Adiantum<ref name="adiantum">Google Blog: Introducing Adiantum: Encryption for the Next Billion Users [https://security.googleblog.com/2019/02/introducing-adiantum-encryption-for.html https://security.googleblog.com/2019/02/introducing-adiantum-encryption-for.html]</ref>. | If you're running a device which does not support hardware accelerated AES instructions (e.g. Raspberry Pi), you may be interested in Adiantum<ref name="adiantum">Google Blog: Introducing Adiantum: Encryption for the Next Billion Users [https://security.googleblog.com/2019/02/introducing-adiantum-encryption-for.html https://security.googleblog.com/2019/02/introducing-adiantum-encryption-for.html]</ref>. | ||
Adiantum is an encryption mode by Google which uses ChaCha12 for block encryption. | Adiantum is an encryption mode by Google which uses ChaCha12 for block encryption. | ||
It is included in Linux kernel v5.0. | It is included in Linux kernel v5.0. | ||
Revision as of 20:16, 26 April 2021
LUKS encryption
Getting Started
See Archwiki: dm-crypt/Device encryption.
Install cryptsetup
sudo apt install cryptsetup
Encrypting a device
- Setup encryption
cryptsetup -v --type luks2 --cipher aes-xts-plain64 --key-size 512 --hash sha512 \
--iter-time 5000 --use-urandom --verify-passphrase luksFormat "${DEVICE}"
- Open encrypted drive
cryptsetup open "${DEVICE}" "${NAME}"
- Create a partition
mkfs.fstype "/dev/mapper/${NAME}"
# mkfs.btrfs /dev/mapper/luksdrive1
- Securely wipe the unused portion of the drive
- Do this to prevent cryptographic attacks and to overwrite existing data on the drive
dd if=/dev/zero of=<file_somewhere> status=progress # Delete the file afterwards
Mounting
# Open the encrypted drive
cryptsetup open "${DEVICE}" "${NAME}"
# Mount your partition
mount -t btrfs /dev/mapper/${NAME} "${MOUNT_LOCATION}"
Unmounting
# Unmount your partition
umount "${MOUNT_LOCATION}"
# Close the decrypted drive
cryptsetup close ${NAME}
Encrpytion Options
- You can see defaults using
cryptsetup --help. --typeoptionsluksdefaults toluks1on cryptsetup < 2.1.0,luks2on cryptsetup >= 2.1.0luks1is the standard version of LUKS.luks2is a new version released in Dec 2017. Older versions of Grub (before 2.06 or June 2020) do not support booting from LUKS2.plainis dm-crypt plain mode. Avoid this unless you know what you're doing.loopaesAvoid this as well.tcryptUse this for mounting older truecrypt volumes.
--iter-timedynamically determines the number of iterations used to hash your password. The number of iterations is determined when creating the luks key. E.g.5000means hash for 5 seconds worth of iterations on your particular CPU. You can see the number of iterations for each key withcryptsetup luksDump <device>.
defaults
defaults on Ubuntu 18.04
Default compiled-in device cipher parameters: loop-AES: aes, Key 256 bits plain: aes-cbc-essiv:sha256, Key: 256 bits, Password hashing: ripemd160 LUKS1: aes-xts-plain64, Key: 256 bits, LUKS header hashing: sha256, RNG: /dev/urandom
Benchmark
cryptsetup benchmark
Example Output
# Tests are approximate using memory only (no storage IO).
PBKDF2-sha1 1213629 iterations per second for 256-bit key
PBKDF2-sha256 1524093 iterations per second for 256-bit key
PBKDF2-sha512 1082121 iterations per second for 256-bit key
PBKDF2-ripemd160 648069 iterations per second for 256-bit key
PBKDF2-whirlpool 421453 iterations per second for 256-bit key
argon2i 4 iterations, 875179 memory, 4 parallel threads (CPUs) for 256-bit key (requested 2000 ms time)
argon2id 4 iterations, 889195 memory, 4 parallel threads (CPUs) for 256-bit key (requested 2000 ms time)
# Algorithm | Key | Encryption | Decryption
aes-cbc 128b 542.7 MiB/s 2192.7 MiB/s
serpent-cbc 128b 67.3 MiB/s 459.9 MiB/s
twofish-cbc 128b 140.6 MiB/s 285.8 MiB/s
aes-cbc 256b 405.3 MiB/s 1701.8 MiB/s
serpent-cbc 256b 71.6 MiB/s 459.5 MiB/s
twofish-cbc 256b 146.6 MiB/s 287.1 MiB/s
aes-xts 256b 1421.6 MiB/s 1449.2 MiB/s
serpent-xts 256b 455.9 MiB/s 444.0 MiB/s
twofish-xts 256b 284.2 MiB/s 286.3 MiB/s
aes-xts 512b 1187.2 MiB/s 1177.9 MiB/s
serpent-xts 512b 454.7 MiB/s 446.1 MiB/s
twofish-xts 512b 284.9 MiB/s 286.5 MiB/s
Adiantum
If you're running a device which does not support hardware accelerated AES instructions (e.g. Raspberry Pi), you may be interested in Adiantum[1].
Adiantum is an encryption mode by Google which uses ChaCha12 for block encryption.
It is included in Linux kernel v5.0.
- Creation
cryptsetup -v --type luks2 --cipher xchacha12,aes-adiantum --sector-size 4096 \
--key-size 256 --hash sha512 --iter-time 5000 --use-urandom \
--verify-passphrase luksFormat <device>
- Benchmark[2]
cryptsetup benchmark -c xchacha12,aes-adiantum -s 512
Scripts
mount_drives.sh
#!/bin/bash
function mount_luks {
local fstype=$1
local device=$2
local name=$3
local mountpoint=$4
if [ ! -b /dev/mapper/"$name" ]
then
sudo cryptsetup open "$device" "$name"
fi
sudo mkdir -p "$mountpoint"
sudo mount -t $fstype /dev/mapper/"$name" "$mountpoint"
}
mount_luks ext4 /dev/disk/by-id/<drive> lukscrypt1 /media/lukscrypt1
unmount_drives.sh
#!/bin/bash
function unmount_luks {
local name=$1
local mountlocation=$2
sudo umount "$mountlocation" && \
sudo rm -r "$mountlocation"
sudo cryptsetup close "$name"
}
unmount_luks lukscrypt1 /media/lukscrypt1
Resources
References
- ↑ Google Blog: Introducing Adiantum: Encryption for the Next Billion Users https://security.googleblog.com/2019/02/introducing-adiantum-encryption-for.html
- ↑ https://www.reddit.com/r/crypto/comments/b3we04/aesadiantum_new_mode_in_linux_kernel_5/