
Re: Subject: OT: LUKS encryption -- block by block, file by file, or "one big lump"



On 3/9/23 06:53, rhkramer@gmail.com wrote:
> Thanks to all who replied -- two clarifications requested below:
>
> On Wednesday, March 08, 2023 09:45:33 PM David Christensen wrote:
> ...
> > A few years ago, I did a "bit rot" experiment.
>
> Thanks for doing that experiment!
>
> ...
>
> > I wiped a disk, applied
> > a partitioning scheme, created a partition, formatted the partition with
> > LUKS (with default encryption), opened the LUKS container, created an
> > ext4 filesystem, mounted the filesystem, and wrote a large file
> > containing a predictable pattern.  I used hexdump(1) to find the
> > encrypted blocks on disk that corresponded to the file.  I used dd(1) to
> > write directly to the disk and change some portion of a block underlying
> > the file.  I then viewed the file contents with standard userland tools
> > (e.g. less(1)).  To my dismay, the tools could read the file without
> > error and the file contents were corrupt!
>
> Just so I'm clear on that last sentence, what you're saying is that less was
> able to read the file (view the content) but the file / content was corrupt?
>
> And, was it the entire file that was corrupt?
>
> > I seem to recall that the
> > number of damaged bytes was the same on disc and in the file.
>
> Maybe that answered my question -- I guess that is saying that only a few
> bytes in the file were corrupt, and they were localized to one portion of the
> file?
>
> Thanks!


I believe I changed a byte somewhere in the middle of file blocks on disk using dd(1) and then I saw a bad byte somewhere in the middle of the file with less(1).


I suggest that you repeat the experiment. Just going through the process will give you a better understanding of the steps involved and the tools used.


David
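
A scaled-down, unprivileged version of the experiment described in this thread, as an added example that is not from the original post: a regular file stands in for the disk (no LUKS layer is involved), and the function names, pattern and offset are constructed for illustration. It shows a read completing without error after an in-place dd(1) overwrite, and a previously recorded SHA-256 digest catching the change; it assumes GNU coreutils and cmp(1).

```shell
#!/bin/sh
# Added example, not from the thread. A regular file is the constructed
# stand-in for the block device, so no root or cryptsetup is needed.

# Write a predictable pattern: LINES lines of 15 bytes each.
make_pattern() {   # make_pattern FILE LINES
    awk -v n="$2" 'BEGIN { for (i = 1; i <= n; i++) printf "block %08d\n", i }' > "$1"
}

# Overwrite one byte in place at OFFSET, as dd(1) was used on the disk.
# 'X' never occurs in the pattern, so the byte is guaranteed to change.
flip_byte() {      # flip_byte FILE OFFSET
    printf 'X' | dd of="$1" bs=1 seek="$2" conv=notrunc 2>/dev/null
}

# Count the bytes that differ between a known-good copy and a suspect copy.
damaged_bytes() {  # damaged_bytes GOOD SUSPECT
    { cmp -l "$1" "$2" || true; } | wc -l | tr -d ' '
}

# Succeed only if the file still matches the digest recorded earlier.
verify() {         # verify DIGESTFILE
    sha256sum --status -c "$1"
}

run_experiment() {
    dir=$(mktemp -d) || return 1
    make_pattern "$dir/file" 4096
    cp "$dir/file" "$dir/reference"                 # known-good copy
    sha256sum "$dir/file" > "$dir/file.sha256"      # digest recorded before damage

    flip_byte "$dir/file" 20000                     # simulated bit rot

    # A plain read has nothing to check against, so it reports success.
    if cat "$dir/file" > /dev/null; then read_status=0; else read_status=1; fi
    # The recorded digest is what notices the change.
    if verify "$dir/file.sha256"; then verify_status=0; else verify_status=1; fi

    echo "read_status=$read_status verify_status=$verify_status damaged=$(damaged_bytes "$dir/reference" "$dir/file")"
    rm -rf "$dir"
}

run_experiment
```
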

