Cryptsetup

dm-crypt is a transparent block device encryption subsystem in Linux kernel versions 2.6 and later and in DragonFly BSD. It is part of the device mapper (dm) infrastructure, and uses cryptographic routines from the kernel's Crypto API. Unlike its predecessor cryptoloop, dm-crypt was designed to support advanced modes of operation, such as XTS, LRW and ESSIV (see disk encryption theory for further information), in order to avoid watermarking attacks. In addition to that, dm-crypt addresses some reliability problems of cryptoloop.

dm-crypt is implemented as a device mapper target and may be stacked on top of other device mapper transformations. It can thus encrypt whole disks (including removable media), partitions, software RAID volumes, logical volumes, as well as files. It appears as a block device, which can be used to back file systems, swap or as an LVM physical volume.

Some Linux distributions support the use of dm-crypt on the root file system. These distributions use initrd to prompt the user to enter a passphrase at the console, or insert a smart card prior to the normal boot process.


Frontends

The dm-crypt device mapper target resides entirely in kernel space, and is only concerned with encryption of the block device; it does not interpret any data itself. It relies on user space front-ends to create and activate encrypted volumes, and manage authentication. At least two frontends are currently available: cryptsetup and cryptmount.


cryptsetup

The cryptsetup command-line interface, by default, does not write any headers to the encrypted volume, and hence only provides the bare essentials: encryption settings have to be provided every time the disk is mounted (although usually employed with automated scripts), and only one key can be used per volume; the symmetric encryption key is directly derived from the supplied passphrase. Because it lacks a "salt", using cryptsetup is less secure in this mode than is the case with Linux Unified Key Setup (LUKS). However, the simplicity of cryptsetup makes it useful when combined with third-party software, for example, with smart card authentication.

cryptsetup also provides commands to deal with the LUKS on-disk format. This format provides additional features such as key management and key stretching (using PBKDF2), and remembers encrypted volume configuration across reboots.
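
The contrast between header-less mode and the LUKS format described above, as an added example that is not cryptsetup's own code. Header-less mode is modelled as a single unsalted hash of the passphrase, and the LUKS-style header is a simplified model in which XOR stands in for the real key-slot encryption; the function names, the header layout and the iteration count are assumptions made for illustration.

```python
import hashlib
import hmac
import os

KEY_BYTES = 32       # 256-bit volume key
ITERATIONS = 50_000  # constructed value; a real header stores its own count


def plain_mode_key(passphrase: bytes) -> bytes:
    # Header-less mode (simplified): the volume key is an unsalted hash of the
    # passphrase, so the same passphrase gives the same key on every volume.
    return hashlib.sha256(passphrase).digest()[:KEY_BYTES]


def stretch(secret: bytes, salt: bytes) -> bytes:
    # Key stretching: PBKDF2 over a random salt that is stored in the header.
    return hashlib.pbkdf2_hmac("sha256", secret, salt, ITERATIONS, dklen=KEY_BYTES)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def format_header(passphrases):
    # One random master key per volume; every passphrase gets its own slot
    # holding the master key wrapped under that passphrase's stretched key.
    master = os.urandom(KEY_BYTES)
    digest_salt = os.urandom(16)
    slots = []
    for passphrase in passphrases:
        salt = os.urandom(16)
        slots.append({"salt": salt, "wrapped": xor(master, stretch(passphrase, salt))})
    header = {"digest_salt": digest_salt,
              "digest": stretch(master, digest_salt),
              "slots": slots}
    return header, master


def unlock(header, passphrase: bytes):
    # Try each slot and accept a candidate only if it matches the stored digest.
    for slot in header["slots"]:
        candidate = xor(slot["wrapped"], stretch(passphrase, slot["salt"]))
        check = stretch(candidate, header["digest_salt"])
        if hmac.compare_digest(check, header["digest"]):
            return candidate
    return None


def revoke(header, index: int) -> None:
    # Key management: removing a slot revokes one passphrase while the master
    # key, and therefore the encrypted data, stays unchanged.
    del header["slots"][index]
```

Because the master key is random and only wrapped by the passphrase, two volumes formatted with the same passphrase still get different volume keys, which is not the case for `plain_mode_key`.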


cryptmount

The cryptmount interface is an alternative to the "cryptsetup" tool that allows any user to mount and unmount a dm-crypt file system when needed, without needing superuser privileges after the device has been configured by a superuser.


Features

The fact that disk encryption (volume encryption) software like dm-crypt only deals with transparent encryption of abstract block devices gives it a lot of flexibility. This means that it can be used for encrypting any disk-backed file systems supported by the operating system, as well as swap space; write barriers implemented by file systems are preserved. Encrypted volumes can be stored on disk partitions, logical volumes, whole disks as well as file-backed disk images (through the use of loop devices with the losetup utility). dm-crypt can also be configured to encrypt RAID volumes and LVM physical volumes.

dm-crypt can also be configured to provide pre-boot authentication through an initrd, thus encrypting all the data on a computer except the bootloader, the kernel and the initrd image itself.

When using the cipher block chaining mode of operation with predictable initialization vectors, as other disk encryption software does, the disk is vulnerable to watermarking attacks. This means that an attacker is able to detect the presence of specially crafted data on the disk. To address this problem in its predecessors, dm-crypt included provisions for more elaborate, disk encryption-specific modes of operation. Support for ESSIV (encrypted salt-sector initialization vector) was introduced in Linux kernel version 2.6.10, LRW in 2.6.20 and XTS in 2.6.24.

The Linux Crypto API includes support for most popular block ciphers and hash functions, which are all usable with dm-crypt.

Encrypted file system support includes LUKS volumes, loop-AES and, since Linux kernel 3.13, the TrueCrypt target called "tcw".
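
Why CBC with predictable initialization vectors is watermarkable and why ESSIV is not, as an added example that is not dm-crypt code. A toy Feistel permutation stands in for AES, and the function names, the sector contents and the sector numbers are constructed for illustration.

```python
import hashlib
import hmac

BLOCK, SECTOR = 16, 512


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_block(key: bytes, block: bytes) -> bytes:
    # Toy 4-round Feistel permutation standing in for AES (assumption).
    left, right = block[:8], block[8:]
    for rnd in range(4):
        f = hmac.new(key, bytes([rnd]) + right, hashlib.sha256).digest()[:8]
        left, right = right, xor(left, f)
    return left + right


def iv_plain(key: bytes, sector: int) -> bytes:
    # Predictable IV: the sector number itself, computable without the key.
    return sector.to_bytes(BLOCK, "little")


def iv_essiv(key: bytes, sector: int) -> bytes:
    # ESSIV: the sector number encrypted under a hash of the volume key.
    salt = hashlib.sha256(key).digest()
    return encrypt_block(salt, sector.to_bytes(BLOCK, "little"))


def encrypt_sector(key: bytes, sector: int, data: bytes, iv_fn) -> bytes:
    # CBC over one sector, chaining from the per-sector IV.
    prev, out = iv_fn(key, sector), bytearray()
    for off in range(0, len(data), BLOCK):
        prev = encrypt_block(key, xor(data[off:off + BLOCK], prev))
        out += prev
    return bytes(out)


def marked_sectors(first: int) -> dict:
    # Constructed content: two sectors that are equal except that the first
    # block of the second is offset by the XOR of the two public plain IVs.
    body = bytes(range(256)) * 2
    delta = xor(iv_plain(b"", first), iv_plain(b"", first + 1))
    return {first: body, first + 1: xor(body[:BLOCK], delta) + body[BLOCK:]}


def repeated_ciphertext(key: bytes, sectors: dict, iv_fn) -> bool:
    # What an observer without the key can check: do two sectors on the
    # encrypted disk hold identical ciphertext?
    images = [encrypt_sector(key, n, d, iv_fn) for n, d in sorted(sectors.items())]
    return len(set(images)) < len(images)
```

With `iv_plain` the offset cancels the IV difference, so both sectors feed identical input into the chain and encrypt to the same bytes; with `iv_essiv` the IV depends on the key and the cancellation cannot be prepared in advance.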


Compatibility

dm-crypt and LUKS encrypted disks can be accessed and used under MS Windows using the now defunct FreeOTFE (formerly DoxBox, LibreCrypt), provided that the filesystem used is supported by Windows (e.g. FAT/FAT32/NTFS). Encrypted ext2 and ext3 filesystems are supported by using Ext2Fsd or so-called "Ext2 Installable File System for Windows"; FreeOTFE also supports them. Cryptsetup/LUKS and the required infrastructure have also been implemented on the DragonFly BSD operating system.


See also

* Comparison of disk encryption software


External links

* Official , and websites
* All about dm-crypt and LUKS on one page (on archive.org), a page covering dm-crypt/LUKS, starting with theory and ending with many practical examples about its usage.