dm-crypt

dm-crypt is a transparent disk encryption subsystem in Linux kernel versions 2.6 and later and in DragonFly BSD. It is part of the device mapper infrastructure, and uses cryptographic routines from the kernel's Crypto API. Unlike its predecessor cryptoloop, dm-crypt was designed to support advanced modes of operation, such as XTS, LRW and ESSIV (see disk encryption theory for further information), in order to avoid watermarking attacks. In addition to that, dm-crypt also addresses some reliability problems of cryptoloop. dm-crypt is implemented as a device mapper target and may be stacked on top of other device mapper transformations. It can thus encrypt whole disks (including removable media), partitions, software RAID volumes, logical volumes, as well as files. It appears as a block device, which can be used to back file systems, swap or as an LVM physical volume. Some Linux distributions support the use of dm-crypt on the root file system. These distributions use initrd to prompt the user to enter a passphrase at the console, or insert a smart card prior to the normal boot process. The dm-crypt device mapper target resides entirely in kernel space, and is only concerned with encryption of the block device – it does not interpret any data itself. It relies on user space front-ends to create and activate encrypted volumes, and manage authentication. At least two frontends are currently available: cryptsetup and cryptmount. The cryptsetup command-line interface, by default, does not write any headers to the encrypted volume, and hence only provides the bare essentials: encryption settings have to be provided every time the disk is mounted (although usually employed with automated scripts), and only one key can be used per volume; the symmetric encryption key is directly derived from the supplied passphrase. Because it lacks a 'salt', using cryptsetup is less secure in this mode than is the case with Linux Unified Key Setup (LUKS). However, the simplicity of cryptsetup makes it useful when combined with third-party software, for example, with smart card authentication. cryptsetup also provides commands to deal with the LUKS on-disk format. This format provides additional features such as key management and key stretching (using PBKDF2), and remembers encrypted volume configuration across reboots. The cryptmount interface is an alternative to the 'cryptsetup' tool that allows any user to mount and unmount a dm-crypt file system when needed, without needing superuser privileges after the device has been configured by a superuser.