HDD encryption, expert guru help needed.

Anonymous — Sat Apr 23, 2005 8:43 am

Author: Anonymous

Posted: Sat Apr 23, 2005 8:43 am

Alrighty, I have a lot to say, but not a great deal of time, so Im going to get right to it.
A while ago I purchased 3 external maxtor 200 gig usb2 hdd's. I have them set up in a raid array, which is encrypted on 2 levels.

This is how it works,
Each disk is individually encrypted at the io level, then the 3 disks are mapped into a raid0 partition, which is again fed through dmcrypt to produce the final partition which I can format and mount as such.

WHY ?
Because I dont trust AES, or any one cipher. AES is especially suspect, because like the now broken DES the NSA are reccomending it, and because it uses a very questionable algebra system. Clearly they want a breakable cipher, that only they can crack, no perhaps not today, but within 10 years.
Of the remaining 4 candidates I most prefer serpent. AES , anubis and twofish are my io level choices, and the final raid partition is mapped with serpent.

Does it work at an acceptable speed ?
YES.
The raid0 increases the bandwidth all things considered and the algorythms were designed with limited resources in mind. I have 600 gig, as fast (auctually faster) than any HDD. The encryption is operative as far as I can tell, and my centrino 1.6 cpu jumps when I move data on to it. It works. Well.
It should also be noted that I have a gig of ram.

Here is the script I use......

#! /bin/sh

# CYRAX-REF

devlabel add -u S:IBMMemoryKey -s /dev/key
devlabel add -u S80:uniquenumberishereMaxtorOneTouchII -s /dev/exar0
devlabel add -u S80:uniquenumberishereMaxtorOneTouchII -s /dev/exar1
devlabel add -u S80:uniquenumberishereMaxtorOneTouchII -s /dev/exar2
devlabel start

umount /mnt/key
mkfs /dev/key
mount /dev/key /mnt/key

dd if=/dev/urandom of=/mnt/key/cyrax-0 bs=1c count=32
dd if=/dev/urandom of=/mnt/key/cyrax-1 bs=1c count=40
dd if=/dev/urandom of=/mnt/key/cyrax-2 bs=1c count=32
dd if=/dev/urandom of=/mnt/key/lucifer bs=1c count=32

umount /mnt/lucifer
dmsetup remove lucifer
mdadm -S /dev/md1
rm /dev/md1
dmsetup remove cyrax-0
dmsetup remove cyrax-1
dmsetup remove cyrax-2

cryptsetup.sh -c anubis-cbc-essiv:sha256 -s 40 -d /mnt/key/cyrax-0 create cyrax-0 /dev/exar0
cryptsetup.sh -c aes-cbc-essiv:sha256 -s 32 -d /mnt/key/cyrax-1 create cyrax-1 /dev/exar1
cryptsetup.sh -c twofish-cbc-essiv:sha256 -s 32 -d /mnt/key/cyrax-2 create cyrax-2 /dev/exar2
cryptsetup.sh status cyrax-0
cryptsetup.sh status cyrax-1
cryptsetup.sh status cyrax-2
mdadm -Cv /dev/md1 --auto -l0 -n3 -c32 /dev/mapper/cyrax-0 /dev/mapper/cyrax-1 /dev/mapper/cyrax-2
cryptsetup.sh -c serpent-cbc-essiv:wp256 -s 32 -d /mnt/key/lucifer create lucifer /dev/md1
cryptsetup.sh status lucifer
mkfs.reiserfs -f -q /dev/mapper/lucifer

mount /dev/mapper/lucifer /mnt/lucifer

There are many aspects to this script, and I cannot go through everything. I recompiled my kernel too, with supporting options. I am using Slackware 10. Kernel 2.6.11.7, with grsecurity (high+PAX) and an updated vesa patch.

After this script has generated my partition I use a different script to mount it as follows...

#!/bin/sh

# CYRAX-IO

devlabel add -u S:IBMMemoryKey -s /dev/key
devlabel add -u S80:uniquenumberishereMaxtorOneTouchII -s /dev/exar0
devlabel add -u S80:uniquenumberishereMaxtorOneTouchII -s /dev/exar1
devlabel add -u S80:uniquenumberishereMaxtorOneTouchII -s /dev/exar2
devlabel start

mount /dev/key /mnt/key

cryptsetup.sh -c anubis-cbc-essiv:sha256 -s 40 -d /mnt/key/cyrax-0 create cyrax-0 /dev/exar0
cryptsetup.sh -c aes-cbc-essiv:sha256 -s 32 -d /mnt/key/cyrax-1 create cyrax-1 /dev/exar1
cryptsetup.sh -c twofish-cbc-essiv:sha256 -s 32 -d /mnt/key/cyrax-2 create cyrax-2 /dev/exar2

mdadm -A --auto /dev/md1 /dev/mapper/cyrax-0 /dev/mapper/cyrax-1 /dev/mapper/cyrax-2
cryptsetup.sh -c serpent-cbc-essiv:wp256 -s 32 -d /mnt/key/lucifer create lucifer /dev/md1

mount /dev/mapper/lucifer /mnt/lucifer

I store my keys on a usb key. Later I plan to encrypt them too, with idea over a password.

To answer a few possible questions,

Why not raid 5 ?
Because then only 2 of the disks would have to have their encryption broken. The parity would generate the third.

Why a memory key ?
Erasing data from a hard drive is practically impossible, A memory key is much more difficult for the forensic examiner, if the data has been overwritten. Furthermore I can flush it down the toilet for extra fun.

Why Why Why are you doing this ?
Cause its cool. Like James Bondish. Kinda wish I had something to hide. But hey nobody will auctually know if I do or not, so thats one step closer.

OK you have read this far, now I need your help if your an expert guru.
ReiserFS works just fine, but I was trying other filesystems to see if i could get more speed out of one. XFS crashed my system (amazing it never has happened before) and bfs(?) sucks. Thanks again SCO.

Now I am running a Thinkpad T40p.

Here is my problem. I tried jfs (IBM's contributed super file system) and boy was it fast. UNFORTUNATELY after I rebooted my system, after I formatted using jfs in the first script (the refresh) I was prompted with a bios prompt. Asking for a password. Hmmmmmmm.....

In the IBM bios, the way I have it set up, if you plug in a BOOTABLE external HDD you need to give a password over to allow the system to boot from that.

So what has happened here is that the IBM bios somehow knows there is a jfs file system in my double encrypted raid. Which is in my opinion totally impossible. When I changed file systems, nada.

So my question to anyone not crying of boredom by now is WTF ?

Once again these disk are mapped at the io level, it is NOT possible for this to happen. Consipacy theories ?

By the way nice site. It really took 2 long though.

If anyone is interested in my kernel config I might be willing to let it out... just ask.

Linux Format forums

HDD encryption, expert guru help needed.