Re: [dev] Disk encryption

From: T Taylor Gurney <ttgurney_AT_ttgurney.com>
Date: Wed, 29 Jun 2022 15:40:51 -0500

On Wed, Jun 22, 2022 at 06:59:01AM +0000, Antenore Gatta wrote:
> WARNING: These are not meant to give you a solution, but to be used as
> a learning exercise, their goals are completely different (often).
>
> - luks2flt [1] Mainly for win32 (Please don't be sick!)
> It's quite interesting.
> - grub have a huge code base, the luks implementation seems 'light' [2]
> Have a look at grub-core/disk/luks2.c and grub-core/lib/crypto.c
> - libvirt/qemu [3] Another mastodon, but again, the implementation
> looks neat (almost)
> See src/qemu/qemu_block.c
>
> And on GitHub/GitLab, there are plenty of other mini/home projects
> meant to brute-force-crack an encrypted disk and/or block device. Often
> they use cryptosetup, but sometimes are full self made.
>
> Hope it helps ;-P

Thanks very much for the additional resources. I'll put that in my back
pocket, for if I ever decide to dare writing my own tool for this.

I ended up going with loop-AES, which is relatively small, mature, and
apparently well-maintained. The companion tool "aespipe" is nice and
simple as well.

cryptsetup, on the other hand, really sucks. I was able to dodge
the OpenSSL dependency by running the configure script with
--with-crypto-backend=kernel (why this isn't the default, who knows?).
Still, half a dozen dependencies, a dozen configure flags, and one
custom Makefile later, I ran into this:

    configure: error: Cannot link with static device-mapper library.

I gave up at that point.

Taylor
Received on Wed Jun 29 2022 - 22:40:51 CEST

This archive was generated by hypermail 2.3.0 : Wed Jun 29 2022 - 23:24:07 CEST