[dm-crypt] Looking for reverse-engineering partner for DiskCryptor

[dm-crypt] Looking for reverse-engineering partner for DiskCryptor

[Mateusz Jończyk]

[-- Attachment #1.1: Type: text/plain, Size: 1274 bytes --]

Hello,

I'm trying to implement support for opening DiskCryptor partitions. DiskCryptor 
is licensed under GPLv3, which is incompatible with libcryptsetup's LGPL2+. I'd 
therefore prefer not to read DiskCryptor source code. I'm asking for someone to 
do this and provide some information - mostly about header encryption ATM.

I tried to reverse-engineer the format from public info:

  * https://diskcryptor.org/volume/
  * https://security.stackexchange.com/a/83792

and by trial and error, but failed.

I've tried the following (with many variations) on a FAT partition encrypted 
with AES:

 1. Password is encoded as an ASCII string.
 2. This ASCII string is hashed with PBKDF2 with the following parameters:
      * hash: sha512
      * salt - 64 bytes from start of the volume header,
      * output size: 64 or perhaps 192 bytes,
      * 1000 iterations.
 3. Encryption key consists of the first or perhaps last 64 bytes (512 bits) of
    the output of PBKDF2.
 4. Bytes 64 - 2048 of the header are encrypted with AES cipher in XTS mode:
      * decryption starts from byte 64,
      * IV is 16 bytes long.

Code could be found at https://github.com/DavidXanatos/DiskCryptor/ . Thank you 
in advance.

Greetings,

Mateusz Jończyk

[-- Attachment #1.2: Type: text/html, Size: 2216 bytes --]

[-- Attachment #2: Type: text/plain, Size: 147 bytes --]

_______________________________________________
dm-crypt mailing list -- dm-crypt@saout.de
To unsubscribe send an email to dm-crypt-leave@saout.de

[dm-crypt] Re: Looking for reverse-engineering partner for DiskCryptor

[Milan Broz]

On 03/06/2021 12:05, Mateusz Jończyk wrote:
> Hello,
> 
> I'm trying to implement support for opening DiskCryptor partitions. DiskCryptor is licensed under GPLv3, which is incompatible with libcryptsetup's LGPL2+. I'd therefore prefer not to read DiskCryptor source code. I'm asking for someone to do this and provide some information - mostly about header encryption ATM.
> 
> I tried to reverse-engineer the format from public info:
> 
>   * https://diskcryptor.org/volume/
>   * https://security.stackexchange.com/a/83792

I think hashcat can work with DiskCryptor, maybe you can find some info there.

Milan
_______________________________________________
dm-crypt mailing list -- dm-crypt@saout.de
To unsubscribe send an email to dm-crypt-leave@saout.de

[dm-crypt] Re: Looking for reverse-engineering partner for DiskCryptor

[Mateusz Jończyk]

W dniu 03.06.2021 o 12:45, Milan Broz pisze:
> On 03/06/2021 12:05, Mateusz Jończyk wrote:
>> Hello,
>>
>> I'm trying to implement support for opening DiskCryptor partitions. DiskCryptor is licensed under GPLv3, which is incompatible with libcryptsetup's LGPL2+. I'd therefore prefer not to read DiskCryptor source code. I'm asking for someone to do this and provide some information - mostly about header encryption ATM.
>>
>> I tried to reverse-engineer the format from public info:
>>
>>    * https://diskcryptor.org/volume/
>>    * https://security.stackexchange.com/a/83792
> I think hashcat can work with DiskCryptor, maybe you can find some info there.
>
> Milan
DONE! I got header decryption running!
Thank you for this suggestion, without it I would not be able to proceed.

Most important things I got wrong:
- password is encoded as a UTF-16LE string,
- PBKDF2 output size is 64 bytes (512 bits) for aes256-xts,
- IV should be 0x01, 0x00, 0x00 ... 0x00,
- XTS mode should pass also over the salt portion of the header (discarding output),

Greetings,
Mateusz
_______________________________________________
dm-crypt mailing list -- dm-crypt@saout.de
To unsubscribe send an email to dm-crypt-leave@saout.de