Security issue ... please could someone help !!!

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Security issue ... please could someone help !!!

Bhasker C V

Hi,

 Attached is something I found. I see that cryptsetup --key-file arguement uses only first 32 bytes of the file and anything beyond is unused. 

I am on debian bullseye

$ cryptsetup --version
cryptsetup 2.3.0
$

Following is my test

$ cat b
#!/bin/bash

#create  a file
dd if=/dev/zero of=./A bs=1 count=1 seek=50M
#create a key
dd if=/dev/urandom of=./key1 bs=1024 count=1 
#create a plain dm-mapped crypt device with that key
cryptsetup create dev1 ./A --key-file ./key1
mkfs.ext4 /dev/mapper/dev1

cryptsetup remove dev1

#Now that all is cleaned lets play with key again

dd if=./key1 of=./key2 bs=512 count=1   #We create a key half the size of the original key

cryptsetup create dev1 ./A --key-file ./key2

#check if the filesystem is the same ...  if it is then there is a trouble
file -sL /dev/mapper/dev1
$ sudo ./b
1+0 records in
1+0 records out
1 byte copied, 0.000141476 s, 7.1 kB/s
1+0 records in
1+0 records out
1024 bytes (1.0 kB, 1.0 KiB) copied, 0.000126398 s, 8.1 MB/s
mke2fs 1.45.6 (20-Mar-2020)
Creating filesystem with 51200 1k blocks and 12824 inodes
Filesystem UUID: f667264a-5556-47fa-aafa-f236cc9f345a
Superblock backups stored on blocks:
    8193, 24577, 40961

Allocating group tables: done                           
Writing inode tables: done                           
Creating journal (4096 blocks): done
Writing superblocks and filesystem accounting information: done

1+0 records in
1+0 records out
512 bytes copied, 6.4401e-05 s, 8.0 MB/s
/dev/mapper/dev1: Linux rev 1.0 ext4 filesystem data, UUID=f667264a-5556-47fa-aafa-f236cc9f345a (extents) (64bit) (large files) (huge files)
$


I kept digging down and saw that anything below 32 bytes is not accepted (by cryptsetup --key-file option) but anything above 32 bytes is discarded. Does this mean that cryptsetup plain with --key-file uses only 32 bytes ? Am I doing anything wrong ? I dont want to use passphrases and would like to get the keys from randomly generated key file. If only 32 bytes are used, it is (in my opinion) not so much secure isnt it  ?

-- 
Bhasker C V
Secure Mails: http://keys.gnupg.net/pks/lookup?op=get&search=0x4D05FEEC54E47413
Registered Linux User: #306349 
Reply | Threaded
Open this post in threaded view
|

Re: Security issue ... please could someone help !!!

Reco
        Hi.

On Sun, Apr 05, 2020 at 09:03:00PM +0100, Bhasker C V wrote:
> I kept digging down and saw that anything below 32 bytes is not accepted
> (by cryptsetup --key-file option) but anything above 32 bytes is
> discarded.

cryptsetup(8), "-s" option.


> Does this mean that cryptsetup plain with --key-file uses
> only 32 bytes ?

Yes, assuming the defaults.


> Am I doing anything wrong ?

Probably no.

By default cryptsetup uses AES encryption algorithm with the key size of
256 bits. You're suppling your own key to cryptsetup, hence it chooses
just right amount of bits from it (32 bytes = 256 bits).


> If only 32 bytes are used, it is (in my opinion) not so much secure
> isnt it  ?

It's sufficiently secure, unless you try to do something really wrong
(like storing a plain key somewhere), or generate your key predictably.

Reco