* [dm-crypt] LUKS partition creation date
From: Valdez @ 2021-05-26  8:48 UTC (permalink / raw)
  To: Dm Crypt

Could a forensic investigation of an unmounted LUKS partition on a USB flash drive used to run Tails reveal any information about the date when the LUKS partition was created?


_______________________________________________
dm-crypt mailing list -- dm-crypt@saout.de
To unsubscribe send an email to dm-crypt-leave@saout.de


* [dm-crypt] Re: LUKS partition creation date
From: Michael Kjörling @ 2021-05-27  5:56 UTC (permalink / raw)
  To: dm-crypt

On 26 May 2021 10:48 +0200, from u961866@tutanota.com (Valdez):
> Could a forensic investigation of an unmounted LUKS partition on a
> USB flash drive used to run Tails reveal any information about the
> date when the LUKS partition was created?

Whether the storage device is a SATA SSD, USB flash drive, rotational
fixed disk, floppy disk, or something you keep only in your brain, is
immaterial to LUKS, as long as it can accurately retain and allow
reading back high-entropy data.

I'm also going to assume that when you say "LUKS partition", you mean
a LUKS container. LUKS containers do not necessarily live inside
partitions.

Also, I'm not familiar with Tails specifically.

However, the LUKS on-disk formats are linked to from the front page of
the Wiki, at <https://gitlab.com/cryptsetup/cryptsetup/-/wikis/home>.

I'm pretty sure there are no dedicated fields for such timestamps in
either on-disk format; I don't see how having them would serve any
valid purpose. However, you certainly can look over the format specs
if you're curious; for what they cover, they should be every bit as
authoritative as anything you'll get in replies here. You can also
compare them to the output of, say, `cryptsetup luksDump
--dump-master-key` on a dummy container.

Be aware that LUKS 2 is capable of storing arbitrary data in the
header. Something would still need to put such a timestamp there, of
course, but if this is a concern to you, you might consider sticking
with the (older and less featureful) LUKS 1 format. As an alternative,
you could set your computer's time to some other value before creating
the container; _if_ something stores such a timestamp, it would then
reflect that time value, not the actual real-world time of container
creation.

That said, some details from the LUKS header might provide clues in a
very gross sense; for example, encryption algorithm, key size and key
derivation function used for the container or a key slot might _hint_
at which version of the LUKS tools were _possibly_ used to create or
last update it, because defaults have slowly changed over time. But
then you'd probably be looking at a likely time span of years.

-- 
Michael Kjörling • https://michael.kjorling.se • michael@kjorling.se
 “Remember when, on the Internet, nobody cared that you were a dog?”


* [dm-crypt] Re: LUKS partition creation date
From: Milan Broz @ 2021-05-27  8:04 UTC (permalink / raw)
  To: dm-crypt

On 27/05/2021 07:56, Michael Kjörling wrote:
> On 26 May 2021 10:48 +0200, from u961866@tutanota.com (Valdez):
>> Could a forensic investigation of an unmounted LUKS partition on a
>> USB flash drive used to run Tails reveal any information about the
>> date when the LUKS partition was created?
> 
> Whether the storage device is a SATA SSD, USB flash drive, rotational
> fixed disk, floppy disk, or something you keep only in your brain, is
> immaterial to LUKS, as long as it can accurately retain and allow
> reading back high-entropy data.
> 
> I'm also going to assume that when you say "LUKS partition", you mean
> a LUKS container. LUKS containers do not necessarily live inside
> partitions.
> 
> Also, I'm not familiar with Tails specifically.
> 
> However, the LUKS on-disk formats are linked to from the front page of
> the Wiki, at <https://gitlab.com/cryptsetup/cryptsetup/-/wikis/home>.
> 
> I'm pretty sure there are no dedicated fields for such timestamps in
> either on-disk format; I don't see how having them would serve any
> valid purpose. However, you certainly can look over the format specs
> if you're curious; for what they cover, they should be every bit as
> authoritative as anything you'll get in replies here. You can also
> compare them to the output of, say, `cryptsetup luksDump
> --dump-master-key` on a dummy container.
> 
> Be aware that LUKS 2 is capable of storing arbitrary data in the
> header. Something would still need to put such a timestamp there, of
> course, but if this is a concern to you, you might consider sticking
> with the (older and less featureful) LUKS 1 format. As an alternative,
> you could set your computer's time to some other value before creating
> the container; _if_ something stores such a timestamp, it would then
> reflect that time value, not the actual real-world time of container
> creation.
> 
> That said, some details from the LUKS header might provide clues in a
> very gross sense; for example, encryption algorithm, key size and key
> derivation function used for the container or a key slot might _hint_
> at which version of the LUKS tools were _possibly_ used to create or
> last update it, because defaults have slowly changed over time. But
> then you'd probably be looking at a likely time span of years.

Thanks for the excellent summary!

Just a few more points (maybe we can later add this to FAQ):

- In fact, not storing date/access time anywhere in LUKS2 was intentional,
I just forgot to mention it in docs. (Of course we cannot avoid this
if someone implements own token metadata extension.)

- LUKS2 can increase seqid (sequence id) if autocorrection updates
the header. It is a simple counter, so you can just say that there
was some operation (but if you have an old copy, you can say it anyway :)

- libcryptsetup implements also other formats VeraCrypt, BitLocker ...
(I know Tails used VeraCrypt compatible implementation in libcryptsetup
to access pre-formatted disks.)

And all _metadata_ for these foreign formats are strictly read-only
if accessed through libcryptsetup (even if there is some field that should be
updated, libcryptsetup never writes anything there, we even do not have code
for it. You cannot for example update passphrase etc through
libcryptsetup.)

Of course, once mounted, upper layer like filesystem can update
decrypted data (and in the case of BitLocker even partially metadata as it
is shared/interleaved with NTFS metadata areas). But that is outside
of our code responsibility.

Milan
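
Added example (not part of the thread and not cryptsetup code): a Python reader for the cleartext fixed fields of a LUKS1 or LUKS2 primary header, laid out as in the on-disk format specifications the replies above point to. It shows that no field holds a date and that the LUKS2 `seqid` only counts header updates between two copies; the function names are this example's own and `sample_luks2` builds constructed input.

```python
import json
import struct

MAGIC = b"LUKS\xba\xbe"
# Fixed big-endian layouts from the LUKS1 and LUKS2 on-disk format specifications.
LUKS1 = (struct.Struct(">6sH32s32s32sII20s32sI40s"),
         ("magic", "version", "cipher_name", "cipher_mode", "hash_spec",
          "payload_offset", "key_bytes", "mk_digest", "mk_digest_salt",
          "mk_digest_iter", "uuid"))
LUKS1_SLOT = struct.Struct(">II32sII")  # active, iterations, salt, offset, stripes
LUKS2 = (struct.Struct(">6sHQQ48s32s64s40s48sQ184x64s"),
         ("magic", "version", "hdr_size", "seqid", "label", "checksum_alg",
          "salt", "uuid", "subsystem", "hdr_offset", "csum"))
TEXT = {"cipher_name", "cipher_mode", "hash_spec", "uuid", "label",
        "checksum_alg", "subsystem"}

def parse_header(blob):
    """Return every cleartext field of a LUKS1/LUKS2 primary header as a dict."""
    if blob[:6] != MAGIC:
        raise ValueError("no LUKS primary header magic")
    version = struct.unpack_from(">H", blob, 6)[0]
    if version not in (1, 2):
        raise ValueError(f"unknown LUKS version {version}")
    layout, names = LUKS1 if version == 1 else LUKS2
    fields = dict(zip(names, layout.unpack_from(blob)))
    for name in fields.keys() & TEXT:  # NUL-padded text fields
        fields[name] = fields[name].split(b"\0", 1)[0].decode("ascii", "replace")
    if version == 1:   # eight 48-byte key slots follow the 208-byte fixed part
        fields["keyslots"] = [LUKS1_SLOT.unpack_from(blob, 208 + 48 * i)
                              for i in range(8)]
    else:              # NUL-padded JSON area follows the 4096-byte binary header
        raw = blob[4096:fields["hdr_size"]].split(b"\0", 1)[0]
        fields["json"] = json.loads(raw) if raw else {}
    return fields

def seqid_delta(old_copy, new_copy):
    """Header updates between two copies of one LUKS2 header: a count, not a date."""
    old, new = parse_header(old_copy), parse_header(new_copy)
    if old["uuid"] != new["uuid"]:
        raise ValueError("copies belong to different containers")
    return new["seqid"] - old["seqid"]

def sample_luks2(seqid):
    """Constructed LUKS2 header (zeroed salt and checksum), for illustration only."""
    meta = json.dumps({k: {} for k in
                       ("keyslots", "tokens", "segments", "digests", "config")})
    binary = LUKS2[0].pack(MAGIC, 2, 16384, seqid, b"", b"sha256", bytes(64),
                           b"00000000-0000-4000-8000-000000000000", b"", 0, bytes(64))
    return (binary.ljust(4096, b"\0") + meta.encode()).ljust(16384, b"\0")
```

On a real LUKS2 header, the `tokens` object in the returned `json` is the place where an external token extension could have stored metadata of its own.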

* [dm-crypt] Re: LUKS partition creation date
From: Arno Wagner @ 2021-05-27 10:54 UTC (permalink / raw)
  To: dm-crypt

On Thu, May 27, 2021 at 10:04:36 CEST, Milan Broz wrote:
> On 27/05/2021 07:56, Michael Kjörling wrote:
> > On 26 May 2021 10:48 +0200, from u961866@tutanota.com (Valdez):
> >> Could a forensic investigation of an unmounted LUKS partition on a
> >> USB flash drive used to run Tails reveal any information about the
> >> date when the LUKS partition was created?
> > 
> > Whether the storage device is a SATA SSD, USB flash drive, rotational
[...]
> > then you'd probably be looking at a likely time span of years.
> 
> Thanks for the excellent summary!
> 
> Just a few more points (maybe we can later add this to FAQ):
[...]

Good idea, will do. 

Regards,
Arno

-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno@wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier

* [dm-crypt] Re: LUKS partition creation date
From: Michael Kjörling @ 2021-05-27 11:03 UTC (permalink / raw)
  To: dm-crypt

On 27 May 2021 12:54 +0200, from arno@wagner.name (Arno Wagner):
>> Just a few more points (maybe we can later add this to FAQ):
> 
> Good idea, will do. 

Maybe the FAQ should even include a question that lists what _is_
stored in the LUKS header, with a note to the effect of "this is all
there is", and a link to the respective on-disk format specification.

I imagine that a summarized list that gives, for each of LUKS 1 and
LUKS 2, what is stored globally and per key slot, and for each whether
it's encrypted or unencrypted, would be quite informative.

Yes, that should all be in the detailed on-disk format specification,
but a summary would make the information much more accessible.

-- 
Michael Kjörling • https://michael.kjorling.se • michael@kjorling.se
 “Remember when, on the Internet, nobody cared that you were a dog?”


* [dm-crypt] Re: LUKS partition creation date
From: Arno Wagner @ 2021-05-27 12:05 UTC (permalink / raw)
  To: dm-crypt

On Thu, May 27, 2021 at 13:03:52 CEST, Michael Kjörling wrote:
> On 27 May 2021 12:54 +0200, from arno@wagner.name (Arno Wagner):
> >> Just a few more points (maybe we can later add this to FAQ):
> > 
> > Good idea, will do. 
> 
> Maybe the FAQ should even include a question that lists what _is_
> stored in the LUKS header, with a note to the effect of "this is all
> there is", and a link to the respective on-disk format specification.
> 
> I imagine that a summarized list that gives, for each of LUKS 1 and
> LUKS 2, what is stored globally and per key slot, and for each whether
> it's encrypted or unencrypted, would be quite informative.
> 
> Yes, that should all be in the detailed on-disk format specification,
> but a summary would make the information much more accessible.

That should be there for LUKS 1, in the header documentation item.
Not sure what I have in there for LUKS 2 at the moment, I think
that part is just a reference to the documentation.

I take your point though, a summary that allows a quick check
would be handy to have in the FAQ as well. Let me think about
it.

Regards,
Arno
-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno@wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier