Encrypting data on USB flash drives with LUKS

Posted on 2011/08/25

7


I wanted to explore a different way to encrypt data on portable USB flash drives other than Truecrypt, so I checked what could be done with Linux Unified Key Setup (LUKS). LUKS is an encryption method that is implemented on Linux by “cryptsetup” package, and on Windows by FreeOTFE. It encrypts a partition or a file using a key that can be accessed by one or more passphrases. The passphrase can be asked to the user or it can be a file (key-file).

What I wanted to understand about LUKS, with respect to Truecrypt and in general, was:

  • Security: what are the risks and benefits of using it.
  • Usability: how much struggle does a user need to setup and then use it.
  • Portability: if the USB drive can be used both on Linux and Windows.

There are multiple ways to use LUKS to have encrypted data on a USB drive. Here I consider three ways:

Encrypt a partition

Because of Windows lack of functionality, only the first partition of a removable drive can be used. So if I want to encrypt a partition and want the setup to be portable between the two OS, I need to format the USB drive with a single partition.

Modern Linux file managers such as Thunar or Nautilus have the support to recognize a LUKS partition, they ask you for the password to decrypt the volume and then mount it as a removable drive. This integration is very useful and works quite well, but the catch is that you can’t use a key-file.

These are the steps that I followed to prepare an encrypted USB drive on a Linux machine (Debian wheezy). This procedure wipes the content of the drive, so be careful to choose the USB flash drive that you want to use:

First I plug an USB removable drive, and check with “dmesg” the device which is created to access it. In my case the device is “/dev/sdd“. Be careful to choose the right device, or else you could inadvertently delete one of your hard disks.

Then I wipe the partition table and create a new one, using “fdisk“. Everything is run as root at the time of creating the encrypted partition.

# fdisk /dev/sdd

Command (m for help): o
Building a new DOS disklabel with disk identifier 0x28265921.
Changes will remain in memory only, until you decide to write them.
After that, of course, the previous content won't be recoverable.

Warning: invalid flag 0x0000 of partition table 4 will be corrected by w(rite)

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.

WARNING: Re-reading the partition table failed with error 16: Device or resource busy.
The kernel still uses the old table. The new table will be used at
the next reboot or after you run partprobe(8) or kpartx(8)
Syncing disks.

I create a new partition, that will hold the LUKS encrypted data.

# fdisk /dev/sdd
Command (m for help): n
Command action
e   extended
p   primary partition (1-4)
p
Partition number (1-4, default 1):
Using default value 1
First sector (2048-1015807, default 2048):
Using default value 2048
Last sector, +sectors or +size{K,M,G} (2048-1015807, default 1015807):
Using default value 1015807

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.

WARNING: Re-reading the partition table failed with error 16: Device or resource busy.
The kernel still uses the old table. The new table will be used at
the next reboot or after you run partprobe(8) or kpartx(8)
Syncing disks.

The partition is accessible in Linux in “/dev/sdd1“. After that, I format that partition using “cryptsetup” command, creating a LUKS-encrypted partition with a passphrase:

# cryptsetup luksFormat /dev/sdd1

WARNING!
========
This will overwrite data on /dev/sdd1 irrevocably.

Are you sure? (Type uppercase yes): YES
Enter LUKS passphrase:
Verify passphrase: 

Now I need to format the decrypted partition; since I want to use the USB disk both on Linux and on Windows, I use FAT32. In order to format the decrypted partition, I need to use the “luksOpen” command of “cryptsetup” and map a device, which I name LUKS001. The mapped device will be present in “/dev/mapper/LUKS001“. After that, we can format the mapped device (with name LUKS001) and close it.

# cryptsetup luksOpen /dev/sdd1 LUKS001
Enter passphrase for /dev/sdd1:
# mkfs.vfat /dev/mapper/LUKS001 -n LUKS001
mkfs.vfat 3.0.9 (31 Jan 2010)
unable to get drive geometry, using default 255/63
# cryptsetup luksClose LUKS001

We can now unplug and re-plug the USB. I tried both with Xfce and Gnome desktop environment, and in both cases when I replug the USB drive a dialog appears, asking for a passphrase. I provide the passphrase that I chose before and the FAT32 volume with name “LUKS001” gets automatically mounted.

On Windows we need to use FreeOTFE: once the USB drive is plugged in, we open FreeOTFE and choose to mount a partition. Then we supply the passphrase and a new removable media will appear. Note that the Windows computer must have FreeOTFE installed, or at least present in portable mode or explorer mode. Otherwise it could be possible to take with you a portable installation of FreeOTFE, but that means using another USB drive.

Encrypt a volume file

Another possibility is to use a file instead of a partition to store encrypted data. This works better for Windows, because you can take with you an USB drive containing both the encrypted data and a portable installation of FreeOTFE. I noticed this solution does not integrate well with Linux desktop environments.

These are the steps that I followed to prepare an encrypted volume file on a Linux machine (Debian wheezy).

First I create a 256MB file with “dd” option.

# dd if=/dev/zero of=~/luks.img bs=1 count=0 seek=256M

Then I mount the file as a loopback device:

# losetup -f
/dev/loop0
# losetup /dev/loop0 ~/luks.img

Now I do the same steps as before with the “/dev/loop0” device instead of the partition.

# cryptsetup luksFormat /dev/loop0

WARNING!
========
This will overwrite data on /dev/loop0 irrevocably.

Are you sure? (Type uppercase yes): YES
Enter LUKS passphrase:
Verify passphrase:
# cryptsetup luksOpen /dev/loop0 luksimg
Enter passphrase for /dev/loop0:
# mkfs.vfat /dev/mapper/luksimg -n LUKSIMG
mkfs.vfat 3.0.9 (31 Jan 2010)
unable to get drive geometry, using default 255/63
# cryptsetup luksClose luksimg
# losetup -d /dev/loop0

This creates a “luks.img” file that can be carried around in a USB stick, but in order to be used on Linux, the root user must mount it with something like “losetup -f luks.img” first. Then from the file manager you can open the new drive that has appeared, it asks for a password and then it ask again for the root/sudo password.

On Windows instead the procedure is very similar, we open FreeOTFE, then select to mount a file, choose the image and provide the passphrase. The file will be mounted as a new removable drive. On Windows the added benefit is that you can carry around the portable version of FreeOTFE together with the encrypted data on a USB drive.

Use lukstool

lukstool” is a script to create very secure data storage with LUKS. More information about the tools and the author here: Military-Grade Cryptofile.

An USB drive completely encrypted can be created with “lukstool make” and then providing “/dev/sdd” for example, and then the USB drive can be mounted/unmounted with “lukstool load” and “lukstool unload“. The scripts works in the same way using volume files instead of flash drives.

The pros/cons of using lukstool are:

  • Very high security: it uses two-factor authentication, which means that both a passphrase and a key-file must be provided to decrypt data. Also the details of the script are tailored to achieve as much security as possible.
  • Simplicity: the scripts hide most of the complexity of adding two-factor authentication on top of LUKS.
  • You can encrypt an entire USB drive or just use a file.
  • No OS portability: works only on Linux.
  • No desktop integration: they are command line scripts.
  • Needs to have root/sudo privileges also when mounting.

Tutorials and explanation are present on the author’s website.

Conclusions

I think Truecrypt is still the most valid compromise between portability, security and usability. That said, LUKS seems a valid alternative in particular cases. I think that partition encryption is very easy to use both on Linux and on Windows, even easier than Truecrypt, but with less security since LUKS does not support two-factor authentication and Linux desktop environments do not support key-files. Also if you are familiar with command line and if you use only your own Linux machines and want maximum (military-grade claimed) security you can use lukstool and feel safe. Then, if you use mainly Windows machines and are concerned about Truecrypt because of licensing issues, low transparency of development and so on, be aware that FreeOTFE is a viable solution to encrypt data on file volumes.

Posted in: Security