Encrypting an Existing FS with 'dd'

ta0kira · 01-23-2006, 02:37 PM

Is this a safe way to encrypt a file system which already exists (on hda1)?

Code:

> umount /dev/hda1

> modprobe cryptoloop

> modprobe aes

> losetup /dev/loop0 /dev/hda1 -e aes
Password:

> dd if=/dev/hda1 of=/dev/loop0

> losetup -d /dev/loop0

> mount /dev/hda1 /mnt/hd -o encryption=aes
Password:

I've done this with several of my existing file systems (non-journaled systems only) and it seems to work fine. Is there any reason to not use this method? Thanks.
ta0kira

nx5000 · 01-24-2006, 09:41 AM

http://kerneltrap.org/node/2433
http://lwn.net/Articles/67216/

Problems:
->Original Cryptoloop is vulnerable to Dictionnary attacks. If you think bigbrother is watching you, consider dm-crypt.

->dm-crypt is more stable

->Cryptloop will maybe be removed from the kernel >2.7

Solutions:
->Switch to dm-crypt
->Or if using cryptoloop DO NOT USE A KNOWN WORD as your key (there are not so many words that are more than 20 letters unless you are german, chinese,..

->Use a modified cryptoloop.

I think its time to switch to dm-crypt, it's very easy to use with the help of cryptsetup. Also exists LUKS on top of this but i'm not using it

ta0kira · 01-24-2006, 01:35 PM

I've been trying out cryptsetup.sh and it works great, however what is the overhead as far as using it from an initrd (not addressed in my original post)? Also, does 'mount -o encryption' share the same weaknesses of losetup? cryptsetup.sh using '-h plain' is compatible with losetup, so does using that option give me the same weaknesses? Thanks.
ta0kira