On Wed, Jun 15, 2022 at 07:59:34PM -0500, T Taylor Gurney wrote:
> Are you familiar with loop-AES?

Not specifically, but I had heard of loop-device based encryption before. The manpage for losetup states that support for such was removed in favor of dm-crypt.

> My understanding is that the project provides a replacement "loop.ko"
> kernel module that gives loop devices support for block-level
> encryption. But then userspace still does not know how to set up
> encrypted loop devices, set encryption-related mount options, etc., so
> they also offer patches for the losetup and mount programs to make
> this functionality available.

Sorry, I thought losetup already had the support. In any case, you can write your own losetup; it is not the most complicated program in the world. And for the root, you wouldn't need the support in the mount program at all. Just set up the loop right, then mount the loop. But then, with dm-crypt, it is mostly just setting up the devmapper, then mounting it. I also dislike the "loop" mount option, as it entangles another two commands for the sake of convenience, where a simple shell script would have sufficed.

> To me it sounds much nicer than the complexity of dm-crypt+LUKS. It
> pre-dates them as well. I wonder why it has been kept out of the
> kernel tree all this time. It's an old project but I'm not familiar
> with the history.
>
> Taylor

My guess is that the cryptoloop solution was judged to be too limited in the past, and now that dm-crypt exists, it is also superfluous.

I'm also wary of "rolling your own crypto". Unless you are a cryptographer, I have never heard that go well. Hell, I have heard that go bad even with cryptographer support. The simplest decisions can come back to bite you. Do you calculate the MAC over the plaintext or the ciphertext? Turns out, if you choose the plaintext here, you are vulnerable to a padding oracle attack.

So that's why I would probably just go with LUKS or Truecrypt and tank the added complexity. It is probably there for a reason, and I might not understand the reason but it may be important, anyway.

Ciao,
Markus
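The MAC-placement point in the message above, as an added worked example that is not part of Markus's mail, of loop-AES, or of dm-crypt: a CBC receiver that MACs the plaintext (MAC-then-encrypt) and then checks padding before the tag leaks, through the kind of error it returns, whether a forged ciphertext decrypted to valid padding, and that one bit per query is enough to decrypt any block. The same attack against encrypt-then-MAC gets nothing, because every forgery fails the tag check before anything is decrypted. Everything here is constructed for the demonstration: the 16-byte Feistel "block cipher" built from HMAC-SHA256 is a hypothetical stand-in for AES so the script runs on the Python standard library alone (it is not a real cipher), and the function names (`mte_seal`, `etm_open`, `recover_block`, `demo`, ...) and the sample message are my own.

```python
# Added example, not code from the thread or from any project it discusses.
# Toy padding-oracle attack: succeeds against MAC-then-encrypt (MtE), fails
# against encrypt-then-MAC (EtM). The Feistel block cipher below is a
# hypothetical stand-in for AES so that only the standard library is needed.
import hashlib
import hmac
import os

BLOCK = 16   # block size in bytes
TAG = 32     # HMAC-SHA256 tag length


class PaddingError(Exception):
    pass


class MacError(Exception):
    pass


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def _f(key, rnd, half):                   # Feistel round function (toy)
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:8]


def block_encrypt(key, blk):              # 4-round Feistel network on 16 bytes
    l, r = blk[:8], blk[8:]
    for rnd in range(4):
        l, r = r, _xor(l, _f(key, rnd, r))
    return l + r


def block_decrypt(key, blk):              # same rounds, applied in reverse
    l, r = blk[:8], blk[8:]
    for rnd in reversed(range(4)):
        l, r = _xor(r, _f(key, rnd, l)), l
    return l + r


def pad(data):                            # PKCS#7 padding
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def unpad(data):
    n = data[-1] if data else 0
    if n < 1 or n > BLOCK or data[-n:] != bytes([n]) * n:
        raise PaddingError
    return data[:-n]


def cbc_encrypt(key, iv, data):
    out, prev = [], iv
    for i in range(0, len(data), BLOCK):
        prev = block_encrypt(key, _xor(data[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key, iv, data):
    out, prev = [], iv
    for i in range(0, len(data), BLOCK):
        out.append(_xor(block_decrypt(key, data[i:i + BLOCK]), prev))
        prev = data[i:i + BLOCK]
    return b"".join(out)


def _mac(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()


# MtE: tag over the plaintext, then pad and encrypt plaintext||tag.
def mte_seal(k_enc, k_mac, iv, msg):
    return cbc_encrypt(k_enc, iv, pad(msg + _mac(k_mac, msg)))


def mte_open(k_enc, k_mac, iv, ct):
    data = unpad(cbc_decrypt(k_enc, iv, ct))   # PaddingError on bad padding ...
    msg, tag = data[:-TAG], data[-TAG:]
    if not hmac.compare_digest(tag, _mac(k_mac, msg)):
        raise MacError                         # ... but MacError on bad tag: distinguishable
    return msg


# EtM: tag over iv||ciphertext; nothing is decrypted until the tag verifies.
def etm_seal(k_enc, k_mac, iv, msg):
    ct = cbc_encrypt(k_enc, iv, pad(msg))
    return ct + _mac(k_mac, iv + ct)


def etm_open(k_enc, k_mac, iv, blob):
    ct, tag = blob[:-TAG], blob[-TAG:]
    if not hmac.compare_digest(tag, _mac(k_mac, iv + ct)):
        raise MacError                         # every forgery stops here, uniformly
    return unpad(cbc_decrypt(k_enc, iv, ct))


def recover_block(oracle, prev, blk):
    """Padding-oracle attack on one block: learn D(blk) byte by byte from the
    right, asking oracle(iv, blk) only whether D(blk) xor iv has valid padding."""
    inter = bytearray(BLOCK)                   # D(blk), the pre-XOR intermediate
    for i in range(BLOCK - 1, -1, -1):
        p = BLOCK - i                          # padding value we aim to produce
        x = bytearray(BLOCK)
        for j in range(i + 1, BLOCK):
            x[j] = inter[j] ^ p                # already-known bytes forced to p
        for guess in range(256):
            x[i] = guess
            if not oracle(bytes(x), blk):
                continue
            if i == BLOCK - 1:                 # rule out an accidental 02 02 / 03 03 03 ...
                x2 = bytearray(x)
                x2[i - 1] ^= 0xFF
                if not oracle(bytes(x2), blk):
                    continue
            inter[i] = guess ^ p
            break
        else:
            return None                        # oracle never said "valid": attack fails
    return _xor(bytes(inter), prev)


def recover_all(oracle, iv, ct):
    prev, out = iv, b""
    for i in range(0, len(ct), BLOCK):
        blk = recover_block(oracle, prev, ct[i:i + BLOCK])
        if blk is None:
            return None
        out, prev = out + blk, ct[i:i + BLOCK]
    return unpad(out)


def demo(msg=b"attack at dawn"):               # constructed sample message
    """Return (plaintext recovered from MtE, plaintext recovered from EtM)."""
    k_enc, k_mac, iv = os.urandom(16), os.urandom(16), os.urandom(16)

    def mte_oracle(iv_, ct):                   # error type leaks padding validity
        try:
            mte_open(k_enc, k_mac, iv_, ct)
        except PaddingError:
            return False
        except MacError:
            return True
        return True

    def etm_oracle(iv_, ct):                   # attacker cannot forge the tag
        try:
            etm_open(k_enc, k_mac, iv_, ct + bytes(TAG))
        except PaddingError:
            return True
        except MacError:
            return False
        return True

    mte_ct = mte_seal(k_enc, k_mac, iv, msg)
    etm_ct = etm_seal(k_enc, k_mac, iv, msg)
    mte_rec = recover_all(mte_oracle, iv, mte_ct)
    etm_rec = recover_all(etm_oracle, iv, etm_ct[:-TAG])
    return (None if mte_rec is None else mte_rec[:-TAG]), etm_rec


if __name__ == "__main__":
    print(demo())   # MtE gives the plaintext back, EtM gives None
```

The oracle here is explicit (two exception classes), but in practice the distinguisher is just as often a timing difference, since a receiver that unpads first skips the MAC computation on a padding failure; encrypt-then-MAC removes the problem at the design level rather than by trying to make the two failures look alike.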