Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
HOWTO encrypt an existing filesystem with dmcrypt and dd
View unanswered posts
View posts from last 24 hours

Goto page Previous  1, 2  
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks
View previous topic :: View next topic  
Author Message
Sadako
Advocate
Advocate


Joined: 05 Aug 2004
Posts: 3753
Location: sleeping in the bathtub

PostPosted: Fri Jan 18, 2008 1:07 am    Post subject: Reply with quote

nielchiano wrote:
I'm no LUKS expert either, but according to the info I read, LUKS is acting more like a "header" It occupies the first N blocks of the partition. The crypto-data starts at sector N+1.
You can check that by creating a non-LUKS cryptomap and compare the offsets in dmtable:
Code:
loopcrypto: 0 20480 crypt aes-cbc-plain XXXXXXXX 0 7:0 0

Code:
loopcryptoLUKS: 0 19448 crypt aes-cbc-essiv:sha256 XXXXXXXX 0 7:0 1032

(format is documented here: http://www.saout.de/misc/dm-crypt/)
You can see that the luks-partition is offset by 1032 sectors from the beginning. In other words: the first 1032 sectors contain the LUKS header specifying the different keys that can be used to unlock the partition.
The (encrypted) filesystem doesn't even SEE the LUKS-data, just like it doesn't see the previous partition of the disk.
so this is correct:
depontius wrote:
then LUKS is essentially a "container partition", meaning it sits *raw* inside a partition, and then itself acts like a partition to the filesystem it's hosting

Now why can't I ever expalin things that clearly?

:?

This is what I came up with to try to create a picture of the layout;
Code:
( physical disk ( partition ( ( luks header ) ( dmcrypt mapping ( filesystem ) ) ) ) )

_________________
"You have to invite me in"
Back to top
View user's profile Send private message
wesw02
Apprentice
Apprentice


Joined: 10 Nov 2004
Posts: 213
Location: Dayton, Ohio, USA

PostPosted: Sun Apr 06, 2008 7:38 pm    Post subject: Disadvantages of encrypting a partition Reply with quote

I'm extremely new to hard drive encryption, infact this article is only the second one I've read on the subject. I'm curious what are the disadvantages of encrypting your partition. I would imagine that read/write would be slowed a bit due to the overhead of encrypting and decrypting the data, but are there any others?

Edit: Also, what is the disadvantage of increasing the key-size, does it just slow down read/write the large the key-size? What is an ideal key-size to protect my data? Does it depend on the cipher I choose?
Back to top
View user's profile Send private message
TBH the lolmaker
n00b
n00b


Joined: 01 Feb 2006
Posts: 64
Location: Poland

PostPosted: Sun Apr 06, 2008 9:01 pm    Post subject: Reply with quote

Recently someone ran a test about efficiency of ecrypted filesystem, it was veeeeeeery little difference, I can confirm that ;)
_________________
Niegodna śmierć jest tylko wtedy, kiedy próbowało się przeżyć cudzym kosztem.
Hanna Krall (ur. 1937), polska dziennikarka i pisarka.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks All times are GMT
Goto page Previous  1, 2
Page 2 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum