Don't build encryption tools where it's non-obvious to the user that they don't actually possess the key. 😡
There should have been no way to get to that situation without:
1. Being offered the option to use the passphrase as input to a KDF, with warning about strength.
2. Being warned to store key backup on paper, and that data WILL BE GONE PERMANENTLY if you don't.
They do use a KDF but only use the resulting key to encrypt the header. It's the approach used by most disk encryption implementations in order to allow the user to rotate the password without having to encrypt the whole drive again, only the header. Easy to make that atomic too.
Being able to easily rotate it is particularly important for always enabled disk encryption where the storage is encrypted before the user has chosen a passphrase.
Changing it really needs to be done safely (atomic), shouldn't require a lot of space and should also be quick.
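The header scheme discussed in this thread, as an added example that is not part of the original posts or any product's code: a random master key is wrapped under a passphrase-derived key, and rotation rewrites only the small header through an atomic rename. The function names, the 80-byte header layout, the PBKDF2 parameters and the XOR-plus-HMAC wrap (a standard-library stand-in for AES key wrap or an AEAD) are all assumptions.

```python
import hashlib, hmac, os, secrets, tempfile

def _derive(passphrase: str, salt: bytes) -> bytes:
    # PBKDF2 parameters are assumptions for this sketch. 64 bytes out:
    # first half masks the master key, second half authenticates the header.
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 200_000, dklen=64)

def wrap(master_key: bytes, passphrase: str) -> bytes:
    if len(master_key) != 32:
        raise ValueError("master key must be 32 bytes")
    salt = secrets.token_bytes(16)  # fresh salt per wrap, so the mask is never reused
    k = _derive(passphrase, salt)
    # XOR mask + HMAC is a stdlib stand-in for AES key wrap or an AEAD.
    ct = bytes(a ^ b for a, b in zip(master_key, k[:32]))
    tag = hmac.new(k[32:], salt + ct, hashlib.sha256).digest()
    return salt + ct + tag  # 16 + 32 + 32 = 80-byte header

def unwrap(header: bytes, passphrase: str) -> bytes:
    salt, ct, tag = header[:16], header[16:48], header[48:80]
    k = _derive(passphrase, salt)
    expected = hmac.new(k[32:], salt + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong passphrase or corrupted header")
    return bytes(a ^ b for a, b in zip(ct, k[:32]))

def rotate(path: str, old: str, new: str) -> None:
    # Only the 80-byte header is rewritten; data encrypted under master_key is untouched.
    with open(path, "rb") as f:
        master_key = unwrap(f.read(), old)
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(path) or ".")
    with os.fdopen(fd, "wb") as f:
        f.write(wrap(master_key, new))
        f.flush()
        os.fsync(f.fileno())  # new header is durable before it becomes visible
    os.replace(tmp, path)  # atomic rename: old or new header, never a partial one

if __name__ == "__main__":
    path = os.path.join(tempfile.mkdtemp(), "header.bin")
    master_key = secrets.token_bytes(32)  # constructed sample key
    with open(path, "wb") as f:
        f.write(wrap(master_key, "old passphrase"))
    rotate(path, "old passphrase", "new passphrase")
    with open(path, "rb") as f:
        print(unwrap(f.read(), "new passphrase") == master_key)
```

The passphrase never encrypts data directly, so losing both the passphrase and any backup of the master key leaves the data unrecoverable, which is the situation the first post warns about.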

