06-30-2010, 11:16 AM
#1
LQ Newbie
Registered: Aug 2005
Location: Switzerland
Distribution: Kubuntu, Arch Linux
Posts: 20

Tricky Problem with corrupted LUKS-encrypted partition
Hello,
I have a really tricky and maybe interesting problem with an encrypted disk partition (cryptsetup luks...) which was fine until it accidentally got re-formatted by an instance of Windows 7. Most of the data on that 1TB-disk will probably still exist, only the LUKS header at the very beginning of the partition is - of course - gone.
So when I try to open the container, it gives no verbose, just the return value 234.
I scanned the whole partition for other LUKS headers with hexedit, none there. But, luckily I have another partition which is encrypted in the exact same way with the exact same passphrase (which I remember very well!), so I had an idea: I copied the LUKS header (592 bytes) from the other LUKS encrypted partition over to the damaged partition.
When I now issue
Code:
cryptsetup luksOpen /dev/sde1
the passphrase is asked, I enter it, which results in the error
Code:
No key available with this passphrase
Here is the command how I created the container:
Code:
cryptsetup -c aes-cbc-essiv:sha256 -y -s 256 luksFormat /dev/sde1
How do I get the existing passphrase accepted by LUKS?
What am I missing?
Any ideas, suggestions are greatly appreciated!
Thanks in advance,
IceDragon

07-01-2010, 04:21 AM
#2
Senior Member
Registered: Nov 2005
Location: Belgium
Distribution: Red Hat, Fedora
Posts: 1,515

Not at all knowledgeable on LUKS and encrypted filesystems, so I'm just checking the basics from the man pages/google here:
Can you perform any action (remove, addKey, dump header,...)?
Secondly, cryptsetup seems to be a convenient shorthand util for the underlying dm-crypt. Did you search in that direction?

07-01-2010, 04:31 AM
#3
Member
Registered: Jun 2010
Posts: 361

I hope you didn't have any valuable data on that partition. You're most definitely out of luck.
First: The encryption master key is completely random and stored in encrypted form in the header. When you lose the header, this key is lost.
Second: The key to decrypt the master key is indeed derived from your passphrase, but using a random salt. So there is no way to get the same "master-key-decryption-key" from a different luks header with the same passphrase.
1 members found this post helpful.

07-02-2010, 11:54 AM
#4
LQ Newbie
Registered: Aug 2005
Location: Switzerland
Distribution: Kubuntu, Arch Linux
Posts: 20
Original Poster

Quote:
Originally Posted by timmeke
Can you perform any action (remove, addKey, dump header,...)?
Secondly, cryptsetup seems to be a convenient shorthand util for the underlying dm-crypt. Did you search in that direction?

No, I am not able to do ANY operation besides
Code:
cryptsetup isLuks /dev/sde1
which returns true since I copied the header of another LUKS partition.
thanks anyway,
Ice

07-02-2010, 12:13 PM
#5
LQ Newbie
Registered: Aug 2005
Location: Switzerland
Distribution: Kubuntu, Arch Linux
Posts: 20
Original Poster

Quote:
Originally Posted by zirias
First: The encryption master key is completely random and stored in encrypted form in the header. When you lose the header, this key is lost.
Second: The key to decrypt the master key is indeed derived from your passphrase, but using a random salt. So there is no way to get the same "master-key-decryption-key" from a different luks header with the same passphrase.
No, the data on this partition wasn't crucial, mostly temporary files, and working directories of various projects. No working hours are lost, I just have to re-render a lot of things, not really a big deal.
(I now like my habit of backing up crucial files, HOWTOs, any project data, and documentation very much!)
But you just confirmed what I suspected anyway and other sources already said - that any LUKS header differs greatly from another even if the cypher mode, hash function and password are identical.
I consider the data lost and will reformat the drive.
But one last question:
To prevent such a loss in the future, how much do I have to save? Is it enough to save the 592 bytes of the LUKS header (as this info specifies here http://de.wikipedia.org/wiki/Dm-crypt#On-Disk-Format (in German)) or do I need more?
Thanks in advance,
Ice

07-02-2010, 05:05 PM
#6
Member
Registered: Jun 2010
Posts: 361

AFAIK, the header SHOULD be enough, I don't know of any "backup headers" in LUKS like e.g. in TrueCrypt (that would have come to your rescue right now)... but please, no warranty of any kind on that info.
I have a quite similar problem right now with TrueCrypt (lost keyfile, so existing header is useless), but I happen to know the master encryption key, so I hope to recover by "hacking" TrueCrypt.

07-02-2010, 05:39 PM
#7
LQ Newbie
Registered: Aug 2005
Location: Switzerland
Distribution: Kubuntu, Arch Linux
Posts: 20
Original Poster

Know what? I'll just test that and let's see whether these 592 bytes are enough.
Besides, good luck with your "hacking"...
Ice

07-03-2010, 04:16 AM
#8
LQ Newbie
Registered: Aug 2005
Location: Switzerland
Distribution: Kubuntu, Arch Linux
Posts: 20
Original Poster

Ok, I just tested whether saving the first 592 bytes will do...
quick answer: No, it won't.
I generated a LUKS partition, copied some files into it, unmounted and closed it, saved the header with dd, issued an mkntfs (without zeroing the device, to simulate what apparently happened). Then I restored the LUKS header and tried to open it - nope, did not work.
It seems that backing up the first 592 bytes is not enough to restore even part of the data on a LUKS partition after it got corrupted.
Something is missing, but what?
Greetings, Ice
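
An added example, not part of the original thread: in the LUKS1 on-disk format the 592 bytes are only the partition header with the key-slot descriptors, while each slot's encrypted copy of the master key (the key material) sits at a sector offset recorded in its descriptor, so a backup that stops at byte 592 does not contain it. The parser below reads those offsets and reports how far a backup has to reach. The sample header is constructed, and the slot layout used by `build_sample_phdr` is an assumption for illustration.

```python
import struct

SECTOR = 512
PHDR_SIZE = 592                 # 208-byte fixed part + 8 key slots * 48 bytes
FIXED_FMT = ">6sH32s32s32sII20s32sI40s"
SLOT_FMT = ">II32sII"           # state, iterations, salt, key-material sector, stripes
SLOT_ACTIVE, SLOT_DISABLED = 0x00AC71F3, 0x0000DEAD

def parse_luks1(phdr: bytes) -> dict:
    """Parse the 592-byte LUKS1 header; every integer is big-endian."""
    if len(phdr) < PHDR_SIZE or phdr[:6] != b"LUKS\xba\xbe":
        raise ValueError("not a LUKS header")
    f = struct.unpack_from(FIXED_FMT, phdr, 0)
    if f[1] != 1:
        raise ValueError("only LUKS version 1 is handled here")
    payload_sector, key_bytes = f[5], f[6]
    slots = []
    for i in range(8):
        state, _it, _salt, km_sector, stripes = struct.unpack_from(
            SLOT_FMT, phdr, 208 + 48 * i)
        start = km_sector * SECTOR
        slots.append({"slot": i, "active": state == SLOT_ACTIVE,
                      "start": start, "end": start + key_bytes * stripes})
    return {"payload_start": payload_sector * SECTOR, "slots": slots}

def slots_missing_from_backup(info: dict, saved_bytes: int) -> list:
    """Active slots whose encrypted master-key copy is not fully inside the backup."""
    return [s["slot"] for s in info["slots"]
            if s["active"] and s["end"] > saved_bytes]

def build_sample_phdr(key_bytes: int = 32, stripes: int = 4000) -> bytes:
    """Constructed header (not from a real disk). Assumed layout: slot areas
    start at sector 8 and are rounded up to a multiple of 8 sectors."""
    sectors = (key_bytes * stripes + SECTOR - 1) // SECTOR
    slot_sectors = (sectors + 7) // 8 * 8
    fixed = struct.pack(FIXED_FMT, b"LUKS\xba\xbe", 1, b"aes", b"cbc-essiv:sha256",
                        b"sha1", 8 + 8 * slot_sectors, key_bytes, bytes(20),
                        bytes(32), 10, b"constructed-sample-uuid")
    slots = b"".join(
        struct.pack(SLOT_FMT, SLOT_ACTIVE if i == 0 else SLOT_DISABLED, 1000,
                    bytes(32), 8 + i * slot_sectors, stripes) for i in range(8))
    return fixed + slots

if __name__ == "__main__":
    info = parse_luks1(build_sample_phdr())
    print("back up at least", info["payload_start"], "bytes")
    print("slots lost with a 592-byte backup:", slots_missing_from_backup(info, PHDR_SIZE))
```

Everything before `payload_start` has to be saved for the passphrase to be usable again; `cryptsetup luksHeaderBackup` writes that region (header plus key-slot areas) to a file.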

07-03-2010, 05:31 PM
#9
Member
Registered: Nov 2009
Posts: 63

I'm not any kind of programmer/hacker though familiar with disk editors. I tried a couple of experiments with luks and Truecrypt using small partition/files (make it easier) on a clean disk.
With identical sized startings and adding known size files plus same/diff length/words password and comparing sectors I tried the sectors copy to no avail. So I believe that hack is safe and your data is gone.

07-03-2010, 06:43 PM
#10
LQ Newbie
Registered: Aug 2005
Location: Switzerland
Distribution: Kubuntu, Arch Linux
Posts: 20
Original Poster

LUKS is open source and I have been a programmer for 25 years now, so when I find some time, I'm gonna look into this beast to determine how it is backed up (if one does not want to back up the whole partition).
Lesson learned for now: If a disk with a Linux partition on it is moved to a PC with Windows 7 installed, make sure that its partition type flag is NOT accidentally 0x07 = "Windows NTFS" or something similar, because then Windows may attempt to "repair" the "damaged" partition.
Greetings, Ice