Cryptoloop

Cryptoloop is a Linux kernel's disk encryption module that relies on the Crypto API, which is a cryptography framework introduced in version 2.5.45 of the Linux kernel mainline.^[1] Cryptoloop was first introduced in the 2.5.x kernel series; its functionality was later incorporated into the device mapper, a generic framework used to map one block device onto another.

Cryptoloop can create an encrypted file system within a partition or from within a regular file in the regular file system. Once a file is encrypted, it can be moved to another storage device. This is accomplished by making use of a loop device, a pseudo device that enables a normal file to be mounted as if it were a physical device. By encrypting I/O to the loop device, any data being accessed must first be decrypted before passing through the regular file system; conversely, any data being stored will be encrypted.

Cryptoloop is vulnerable to watermarking attacks,^[2] making it possible to determine presence of watermarked data on the encrypted filesystem:

This attack exploits weakness in IV computation and knowledge of how file systems place files on disk. This attack works with file systems that have soft block size of 1024 or greater. At least ext2, ext3, reiserfs and minix have such property. This attack makes it possible to detect presence of specially crafted watermarked files. Watermarked files contain special bit patterns that can be detected without decryption.^[3]

Newer versions of cryptoloop's successor, dm-crypt, are less vulnerable to this type of attack if used correctly.^[4]

References

^ "Kernel development". LWN.net. October 2002. Retrieved 2015-02-15.
^ SecuriTeam (2005-05-26). "Linux Cryptoloop Watermark Exploit". Retrieved 2006-08-09.
^ Saarinen, Markku-Juhani O. (2004-02-19). "'Re: Oopsing cryptoapi (or loop device?) on 2.6.*' - MARC". Retrieved 2017-06-04.
^ Markus Reichelt (2004-06-20). "Why Mainline Cryptoloop Should Not Be Used". Retrieved 2017-06-04.

External links

Cryptoloop HOWTO

This cryptography-related article is a stub. You can help Wikipedia by expanding it.

[1] "Kernel development". LWN.net. October 2002. Retrieved 2015-02-15.

[2] SecuriTeam (2005-05-26). "Linux Cryptoloop Watermark Exploit". Retrieved 2006-08-09.

[3] Saarinen, Markku-Juhani O. (2004-02-19). "'Re: Oopsing cryptoapi (or loop device?) on 2.6.*' - MARC". Retrieved 2017-06-04.

[4] Markus Reichelt (2004-06-20). "Why Mainline Cryptoloop Should Not Be Used". Retrieved 2017-06-04.

[1]

[2]

[3]

[4]

v t e Linux
Linux kernel	History Linus's law Linux-libre Booting process Kernel oops Tux more…
Controversies	Criticism of Linux Criticism of desktop Linux GNU/Linux naming controversy Tanenbaum–Torvalds debate SCO and Linux
Distributions	General comparison Distributions list Netbook-specific comparison Distributions that run from RAM Lightweight Security-focused operating system Package manager Package format List of software package managers
Organizations	LinuxChix Linux Counter Linux Documentation Project Linux Foundation Linux Mark Institute Linux User Group (LUG)
Adoption	Adopters Desktop Embedded Gaming Mobile Range of use Linux malware
Media	DistroWatch Free Software Magazine Full Circle Hacker Public Radio Linux.com Linux Format Linux Gazette Linux Journal Linux Magazine LinuxUser Ubuntu User Linux Outlaws Linux Voice LugRadio LWN.net Phoronix Revolution OS The Code
Professional related certifications	CompTIA Linux+ Linux Foundation Red Hat Ubuntu
Linux portal Free and open-source software portal Category

Cryptoloop

See also

References

External links

Wikious

Boobota

Sagapedia