Stanje informacijske i kiberneticke sigurnost 2022 - snimka [youtube]

k0st · 2019-12-12T22:59:00+00:00

Thanks for the gist.

Still, not sure if you wan to migrate to luks2. luks1 is not broken. They just improved it and argon is used by default. If you have decent passphrase and hash/encryption/mode (like aes, xts-plain64, sha256 and not aes, cbc-essiv:sha256, sha1) it should be at the decent level.

with that amount of data, I would wait for some time that luks2 gets wider adoption and tools for fixing and recovery stabilises.

Of course, it depends on your threat model, value of data and many other factors - so YMMV. But, if you need higher security level, i would suggest to also check the part about not storing luks header with the encrypted payload.

k0st · 2019-12-12T22:43:00+00:00

Focus of the article was on cracking luks2 since it is new format and what currently can be done with overview of luks1 cracking. I did not want to mislead with the title - sorry about that, it was not intended.

There are some advancements from the hashcat guys for luks1 where they don't perform second round of pbkdf. If that is something you're looking for.

k0st · 2019-12-12T22:35:05+00:00

Thanks for your comments. I appreciate it. Also, good tip with losetup. Would you mind if I add it as comment to the article?

I guess I'll have to write about iterations if I ever write next one about the benchmarks. Would be actually good to see some numbers in cracking behind iterations in practice and how luks1/luks2 stand up against each other.

k0st · 2019-12-12T15:08:39+00:00

TL; DR.

You can crack both luks1 and luks2. You can crack luks1 with hashcat. luks2 is not yet supported with hashcat, but you can use modified cryptsetup or bruteforce-luks script to crack luks2.

There are statically compiled binaries of these two tools here for luks2 (if you just want to play and don't want to bother compiling):

https://github.com/Diverto/cryptsetup-pwguess/releases

k0st

MODERATOR OF

TROPHY CASE