I wanted to explore a different way to encrypt data on portable USB flash drives other than Truecrypt, so I checked what could be done with Linux Unified Key Setup (LUKS). LUKS is an encryption format that is implemented on Linux by the “cryptsetup” package, and on Windows by FreeOTFE. It encrypts a partition or a file with a master key that is unlocked by one or more passphrases. A passphrase can be typed by the user or it can be read from a file (key-file).
What I wanted to understand about LUKS, with respect to Truecrypt and in general, was:
- Security: what are the risks and benefits of using it.
- Usability: how much struggle does a user need to setup and then use it.
- Portability: if the USB drive can be used both on Linux and Windows.
There are multiple ways to use LUKS to have encrypted data on a USB drive. Here I consider three ways:
Encrypt a partition
Because Windows lacks this functionality, only the first partition of a removable drive can be used. So if I want to encrypt a partition and want the setup to be portable between the two OSes, I need to format the USB drive with a single partition.
Modern Linux file managers such as Thunar or Nautilus recognize a LUKS partition: they ask you for the passphrase to unlock the volume and then mount it as a removable drive. This integration is very useful and works quite well, but the catch is that you can’t use a key-file.
These are the steps that I followed to prepare an encrypted USB drive on a Linux machine (Debian wheezy). This procedure wipes the content of the drive, so be careful to choose the USB flash drive that you want to use:
First I plug in a USB removable drive, and check with “dmesg” which device node is created to access it. In my case the device is “/dev/sdd”. Be careful to choose the right device, or else you could inadvertently delete one of your hard disks.
Then I wipe the partition table and create a new one, using “fdisk”. Everything is run as root while creating the encrypted partition.
# fdisk /dev/sdd
Command (m for help): o
Building a new DOS disklabel with disk identifier 0x28265921.
Changes will remain in memory only, until you decide to write them.
After that, of course, the previous content won't be recoverable.
Warning: invalid flag 0x0000 of partition table 4 will be corrected by w(rite)
Command (m for help): w
The partition table has been altered!
Calling ioctl() to re-read partition table.
WARNING: Re-reading the partition table failed with error 16: Device or resource busy.
The kernel still uses the old table. The new table will be used at
the next reboot or after you run partprobe(8) or kpartx(8)
Syncing disks.
I create a new partition that will hold the LUKS-encrypted data.
# fdisk /dev/sdd
Command (m for help): n
Command action
   e   extended
   p   primary partition (1-4)
p
Partition number (1-4, default 1):
Using default value 1
First sector (2048-1015807, default 2048):
Using default value 2048
Last sector, +sectors or +size{K,M,G} (2048-1015807, default 1015807):
Using default value 1015807
Command (m for help): w
The partition table has been altered!
Calling ioctl() to re-read partition table.
WARNING: Re-reading the partition table failed with error 16: Device or resource busy.
The kernel still uses the old table. The new table will be used at
the next reboot or after you run partprobe(8) or kpartx(8)
Syncing disks.
The partition is accessible in Linux as “/dev/sdd1”. After that, I format that partition using the “cryptsetup” command, creating a LUKS-encrypted partition with a passphrase:
# cryptsetup luksFormat /dev/sdd1
WARNING!
========
This will overwrite data on /dev/sdd1 irrevocably.
Are you sure? (Type uppercase yes): YES
Enter LUKS passphrase:
Verify passphrase:
Now I need to create a filesystem on the decrypted (plaintext) side of the partition; since I want to use the USB disk both on Linux and on Windows, I use FAT32. In order to do that, I need to use the “luksOpen” command of “cryptsetup” to map a device, which I name LUKS001. The mapped device will be present as “/dev/mapper/LUKS001”. After that, we can format the mapped device (with volume name LUKS001) and close it.
# cryptsetup luksOpen /dev/sdd1 LUKS001
Enter passphrase for /dev/sdd1:
# mkfs.vfat /dev/mapper/LUKS001 -n LUKS001
mkfs.vfat 3.0.9 (31 Jan 2010)
unable to get drive geometry, using default 255/63
# cryptsetup luksClose LUKS001
We can now unplug and re-plug the USB drive. I tried both the Xfce and the Gnome desktop environments, and in both cases when I replug the USB drive a dialog appears, asking for a passphrase. I provide the passphrase that I chose before and the FAT32 volume named “LUKS001” gets automatically mounted.
On Windows we need to use FreeOTFE: once the USB drive is plugged in, we open FreeOTFE and choose to mount a partition. Then we supply the passphrase and a new removable media will appear. Note that the Windows computer must have FreeOTFE installed, or at least present in portable mode or explorer mode. Otherwise you could carry a portable installation of FreeOTFE with you, but that means using another USB drive.
Encrypt a volume file
Another possibility is to use a file instead of a partition to store encrypted data. This works better for Windows, because you can take with you a USB drive containing both the encrypted data and a portable installation of FreeOTFE. I noticed this solution does not integrate well with Linux desktop environments.
These are the steps that I followed to prepare an encrypted volume file on a Linux machine (Debian wheezy).
First I create a 256MB file with “dd” (count=0 together with seek creates a sparse file, so no data is actually written yet):
# dd if=/dev/zero of=~/luks.img bs=1 count=0 seek=256M
Then I attach the file to a loopback device (“losetup -f” prints the first free loop device):
# losetup -f
/dev/loop0
# losetup /dev/loop0 ~/luks.img
Now I do the same steps as before with the “/dev/loop0” device instead of the partition.
# cryptsetup luksFormat /dev/loop0
WARNING!
========
This will overwrite data on /dev/loop0 irrevocably.
Are you sure? (Type uppercase yes): YES
Enter LUKS passphrase:
Verify passphrase:
# cryptsetup luksOpen /dev/loop0 luksimg
Enter passphrase for /dev/loop0:
# mkfs.vfat /dev/mapper/luksimg -n LUKSIMG
mkfs.vfat 3.0.9 (31 Jan 2010)
unable to get drive geometry, using default 255/63
# cryptsetup luksClose luksimg
# losetup -d /dev/loop0
This creates a “luks.img” file that can be carried around on a USB stick, but in order to use it on Linux, the root user must first attach it with something like “losetup -f luks.img”. Then from the file manager you can open the new drive that has appeared: it asks for the passphrase and then it asks again for the root/sudo password.
On Windows the procedure is very similar: we open FreeOTFE, then select to mount a file, choose the image and provide the passphrase. The file will be mounted as a new removable drive. On Windows the added benefit is that you can carry around the portable version of FreeOTFE together with the encrypted data on a USB drive.
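The two Linux procedures above (encrypted partition and encrypted volume file) as an added shell example; this is not code from the original post. It assumes the same fdisk, cryptsetup, losetup and mkfs.vfat commands shown above, and a hypothetical SYS_ROOT variable that lets the removable-device check be exercised against a constructed sysfs tree instead of the real /sys.

```shell
#!/bin/sh
# Added example, not code from the original post: the two Linux procedures
# above (partition and volume file) as functions sharing one LUKS+FAT32 step.
# Assumes the fdisk/cryptsetup/losetup/mkfs.vfat CLIs as shown in the post.
# SYS_ROOT is a hypothetical override so the removable-device check can be
# exercised against a constructed sysfs tree instead of the real /sys.
SYS_ROOT="${SYS_ROOT:-/sys}"

# True when the kernel flags the whole-disk node as removable
# (/sys/block/sdd/removable contains 1): guards against wiping a hard disk.
is_removable() {
    flag="$SYS_ROOT/block/$(basename "$1")/removable"
    [ -r "$flag" ] && [ "$(cat "$flag")" = "1" ]
}

# First partition node of a whole-disk node: /dev/sdd -> /dev/sdd1,
# but names ending in a digit (/dev/loop0, /dev/nvme0n1) get a "p" first.
partition_node() {
    case "$1" in
        *[0-9]) echo "${1}p1" ;;
        *)      echo "${1}1" ;;
    esac
}

# luksFormat the device, open it, put FAT32 on the mapping, close it.
luks_fat_init() {   # $1 block device, $2 mapper name, $3 FAT label
    cryptsetup luksFormat "$1" &&
    cryptsetup luksOpen "$1" "$2" &&
    mkfs.vfat -n "$3" "/dev/mapper/$2" &&
    cryptsetup luksClose "$2"
}

# Whole-drive variant: one primary partition, as in the fdisk dialogue above.
prepare_usb() {     # $1 /dev/sdX, $2 mapper name, $3 FAT label
    is_removable "$1" || { echo "refusing: $1 is not removable" >&2; return 1; }
    printf 'o\nn\np\n1\n\n\nw\n' | fdisk "$1" >/dev/null &&
    partprobe "$1" &&
    luks_fat_init "$(partition_node "$1")" "$2" "$3"
}

# Volume-file variant: sparse image attached to the first free loop device.
prepare_image() {   # $1 image path, $2 size (dd seek syntax), $3 mapper, $4 label
    dd if=/dev/zero of="$1" bs=1 count=0 seek="$2" 2>/dev/null || return 1
    loop=$(losetup -f) || return 1
    losetup "$loop" "$1" || return 1
    luks_fat_init "$loop" "$3" "$4"; rc=$?
    losetup -d "$loop"    # detach even if the LUKS step failed
    return $rc
}
```

`prepare_usb /dev/sdd LUKS001 LUKS001` reproduces the first procedure and `prepare_image ~/luks.img 256M luksimg LUKSIMG` the second; both must run as root.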
Use lukstool
“lukstool” is a script to create very secure data storage with LUKS. More information about the tool and its author here: Military-Grade Cryptofile.
A completely encrypted USB drive can be created with “lukstool make”, providing for example “/dev/sdd” as the device; the USB drive can then be mounted/unmounted with “lukstool load” and “lukstool unload”. The scripts work in the same way with volume files instead of flash drives.
The pros/cons of using lukstool are:
- Very high security: it uses two-factor authentication, which means that both a passphrase and a key-file must be provided to decrypt data. Also the details of the script are tailored to achieve as much security as possible.
- Simplicity: the scripts hide most of the complexity of adding two-factor authentication on top of LUKS.
- You can encrypt an entire USB drive or just use a file.
- No OS portability: works only on Linux.
- No desktop integration: they are command line scripts.
- Needs to have root/sudo privileges also when mounting.
Tutorials and explanation are present on the author’s website.
Conclusions
I think Truecrypt is still the best compromise between portability, security and usability. That said, LUKS seems a valid alternative in particular cases. I think that partition encryption is very easy to use both on Linux and on Windows, even easier than Truecrypt, but with less security, since LUKS does not support two-factor authentication and Linux desktop environments do not support key-files. Also, if you are familiar with the command line, use only your own Linux machines and want maximum (military-grade claimed) security, you can use lukstool and feel safe. Finally, if you use mainly Windows machines and are concerned about Truecrypt because of licensing issues, low transparency of development and so on, be aware that FreeOTFE is a viable solution to encrypt data in file volumes.
mhg
2011/09/15
There is this new project that seeks to make cryptsetup volume management even easier. A user will be able to create and open encrypted volumes both in files and on mass storage devices using a simple GUI, through the use of either a passphrase or a key file.
The project is at: http://code.google.com/p/zulucrypt/
botcha
2013/05/13
@Balou
In the ‘Encrypt a Partition’ section you use “# mkfs.vfat /dev/mapper/LUKS001 -n LUKS001” to format the partition. Can you please elaborate why you added “-n LUKS001”, as surely just “# mkfs.vfat /dev/mapper/LUKS001” will do? What is the purpose of the “-n LUKS001”? Is it maybe an unnecessary extra?
Balau
2013/05/13
The “-n” option gives the volume name. It is indeed not necessary to make it work, but it is the name that appears when you plug in the Flash drive, so it is useful to identify it.
andyt
2015/12/24
You mention portability with FreeOTFE. Have you thought about just creating a second partition with FreeOTFE on it? Would that compromise security in any way?
Balau
2015/12/24
FreeOTFE should be able to create only a single partition on USB drives: here is the related FAQ from their old site that is now unreachable. I never tried myself, but I don’t think what you want to do is feasible.
Note that I wrote this post in 2011 and FreeOTFE seems to have been abandoned in 2013. The security issues with abandoned projects are usually about bugs that are found but not fixed: the vulnerabilities remain until someone takes the source code, patches it and redistributes it.
Anonymous
2017/05/22
LUKS can be chained, you can put a LUKS inside a LUKS… it is how to do cascade algorithms.
So think about one LUKS with passphrase and the next layer with a KEY file… two factor now.
Note: I never used FreeOTFE… I only use Linux… so not sure if it allows multiple layers of LUKS or just one.
Windows is a ‘shit’ when USB mounting, it only allows you to mount the first partition in the table… use BootICE to swap partition orders and you can access the others, but not at the same time… each USB stick has a bit (it is called the Removable Bit), if Windows sees it is a Removable USB device (sees that bit) it locks mounting of more than the first partition in the partition table (MBR primary or logical & GPT tested)… it also denies you to set it as a dynamic disk, etc… there are some tools that can change such bit (but only for some models), such bit is in the firmware… so beware of trying tools in blind mode, you can render your USB stick unusable (doing that I lost a 4GiB one)… some tools are from Lexar, etc.
Linux is the total opposite… it does not even consult such bit, so it lets you partition, access all partitions at the same time… etc… on such devices.
Did I say I hate the limitations Windows imposes? There is no reason not to allow more than one partition mounted at the same time… tested… BootIce can let you mount any of them (one at a time) and without reboots… changing the Removable Bit will also allow you to access all of them at the same time and such change is done without reformatting, etc… if the device is supported by the tool, the change is done without losing data, un-plug and re-plug is needed to let Windows see that change… so there is no real reason… oh! yes, I know about the old devices and mis-aligned partitions BUG on old Windows… they were fixed, but the restriction was not removed.