Breaking LUKS Encryption | By Oleg Afonin

August 20, 2020

LUKS encryption is widely used in various Linux distributions to protect disks and create encrypted containers. Being a platform-independent, open-source specification, LUKS can be viewed as an exemplary implementation of disk encryption. Offering a choice of multiple encryption algorithms, several modes of encryption and several hash functions, LUKS is one of the tougher disk encryption systems to break. Learn how to deal with LUKS encryption in Windows and how to break in with distributed password attacks.

Disk Encryption Basics

All disk encryption tools rely on symmetric cryptography to encrypt data. More often than not, major disk encryption tools rely on hardware-accelerated AES encryption with a 256-bit key, although Microsoft BitLocker defaults to using 128-bit AES keys. Some disk encryption tools offer a choice of encryption algorithms, the champion being VeraCrypt with some 15 options for symmetric encryption.

The symmetric encryption keys are derived from the user’s password (or other data) by using a Key Derivation Function (KDF). The KDF employs one-way transformations (hash functions) of the user’s input to produce the binary encryption key (or to unwrap an intermediary key that decrypts the actual symmetric encryption key). Different hash functions with numerous hash iterations are used to slow down potential brute-force attacks.
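The two-tier scheme described above (password, then KDF, then an intermediary key that unwraps the real data key) can be modelled in a few lines. This is an added example, not code from the article or from any disk encryption tool; the header layout and function names are hypothetical, PBKDF2 is used as the KDF, and a plain XOR stands in for the block cipher a real tool would use to wrap the key.

```python
import hashlib
import hmac
import os

def derive_kek(password, salt, iterations, hash_name="sha256"):
    """Password -> 32-byte key-encryption key (KEK) via iterated hashing (PBKDF2)."""
    return hashlib.pbkdf2_hmac(hash_name, password.encode(), salt, iterations, dklen=32)

def _xor(a, b):
    # Stand-in for the block cipher (e.g. AES) a real tool uses to wrap the key.
    return bytes(x ^ y for x, y in zip(a, b))

def _digest(master_key, salt):
    # Check value stored in the header so a candidate master key can be verified.
    return hashlib.pbkdf2_hmac("sha256", master_key, salt, 1000, dklen=32)

def make_slot(password, master_key, iterations):
    salt = os.urandom(16)
    kek = derive_kek(password, salt, iterations)
    return {"salt": salt, "iterations": iterations, "wrapped": _xor(master_key, kek)}

def create_header(password, iterations=200_000):
    """Return (header, master_key). The random master key encrypts the data."""
    master_key = os.urandom(32)
    digest_salt = os.urandom(16)
    header = {"digest_salt": digest_salt,
              "digest": _digest(master_key, digest_salt),
              "slot": make_slot(password, master_key, iterations)}
    return header, master_key

def unlock(header, password):
    """Return the master key for a correct password, None otherwise."""
    slot = header["slot"]
    kek = derive_kek(password, slot["salt"], slot["iterations"])
    candidate = _xor(slot["wrapped"], kek)
    expected = _digest(candidate, header["digest_salt"])
    return candidate if hmac.compare_digest(expected, header["digest"]) else None

def change_password(header, old, new):
    """Re-wrap the same master key under a new password; data is not re-encrypted."""
    master_key = unlock(header, old)
    if master_key is None:
        raise ValueError("wrong password")
    header["slot"] = make_slot(new, master_key, header["slot"]["iterations"])

if __name__ == "__main__":
    hdr, mk = create_header("correct horse")   # constructed sample password
    print(unlock(hdr, "correct horse") == mk, unlock(hdr, "guess") is None)
```

Every call to `unlock` pays for the full iteration count stored in the slot, so the cost the defender sets there is the cost of each password guess.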

When attacking an encrypted container, you must either know....

