On Aug 6, 2005, at 12:15 AM, Max Vozeler wrote:
On Fri, Aug 05, 2005 at 09:05:52AM +0100, Martin Michlmayr wrote:Thanks for working on this. Just a quick question: what's the advantage of loop-AES over dm-crypt?That's of course a matter of discussion. :-) loop-AES has ... [ lots of features ] ...
This is completely true; dm-crypt is just a brainless intermediary. In fact, I think cryptsetup (which I maintain) is pretty awful.That said, for the kernel part, I think dm-crypt is a lot nicer than loop-AES.
The ultimate crypto on linux would be to take the features from loop-AES
and move them into a nice user-land tool that sets up the dmcrypt key.
The whole scheme of how and where to integrate encryption really
needs to be thought through in a lot more detail. There are many
levels where the user might want to apply encrypt:
1) whole filesystem decrypted at boot time
(current mkinitrd in debian has some basic support for this)
2) a special encrypted mount point setup during boot
(cryptdisks inside cryptsetup.deb makes a bad stab at this,
the better solution is attached to #290324, rotting)
3) an encrypted home directory decrypted when logging in
4) an automounted disk decrypted when a USB stick is attached
(cryptsetup includes an example hotplug script for this)
...?
Of course all of these schemes have inadequate key management.
What is missing is the smart user-land tool that uses gpg/openssl.
Still, in my opinion, the attacks against the various crypto systems are
less important than the usability issues that exist today. Most people
are using encryption to defend against much less empowered groups
than the NSA, such as common thieves.
I used to encrypt my root filesystem and require a usb stick to boot it.
I'm switching away from this though, as the maintenance costs are
too high. I'm trying out #3 now. I know some people doing #4, but
unmounting the disk causes trouble for them.
Much of the code should be identical for dm-crypt and loop-AES.
My understanding is that loop-AES does more of the key management in kernel land and on the block device, am I mistaken? Personally, I think using gpg/openssl to protect the session key used to encrypt the disk is the way to go.
Wesley I'm CCing you to ask for correction on what I wrote about dm-crypt above
Sounded fine.
and if you'd perhaps be interested in joining this work.
Unfortunately, I barely have time to maintain cryptsetup atm.
We'd probably need at least a cryptsetup-udeb, if my understanding of dm-crypt is correct.
It would depend what you want to do. If you want to use the same (broken) cryptsetup scheme for passphrases, then you should use the library from cryptsetup. If you wanted to do a more elaborate key management scheme, using dmsetup directly would be more appropriate.
Attachment:
PGP.sig
Description: This is a digitally signed message part