Two factor LUKS decryption
Security tells us to use VeryLongAnd$t0ngPasswordWithStr4ng3And$pecia!Characters to encrypt our LUKS (http://en.wikipedia.org/wiki/Linux_Unified_Key_Setup) disks, but typing such a passphrase at every boot is boring and error prone: in this article I'll show how to set up your Debian (http://www.debian.org) system so that a short password (like a PIN) AND a USB key together unlock the LUKS disk, without losing any security: the long passphrase stays in its own key slot, and the new slot is keyed by 512 random bytes read from the stick plus the PIN.
The base idea of two-factor decryption (http://en.wikipedia.org/wiki/Multi-factor_authentication) is that you need a knowledge factor ("something the user knows") and a possession factor ("something the user has") to decrypt a disk: in my setup, the two factors are a password and a USB key or a similar device (SD card, USB disk ...).
What we need to do is add to the encrypted disk a new LUKS key slot whose key is the concatenation of a password and the contents of a chosen sector of the USB key.
The idea came to me from this post (http://forums.fedoraforum.org/showthread.php?t=241942) on unlocking LUKS with a USB key.
I assume you have set up your Debian system with LUKS in the standard way (http://www.debian.org/releases/jessie/amd64/ch06s03.html.en#partman-fs) and that you have a USB key to use as the key holder.
The core of the idea is a custom keyscript that, at boot time, asks for a password AND dumps a selected sector of our key device; cryptsetup uses everything the script writes to stdout as the key.
keyscript.sh (excerpt)
- # Split the crypttab key field "DEV:SECTOR" (e.g. /dev/sdb:1); the sector defaults to 1
- DEV=${1%:*}
- SKIP=${1#$DEV}
- SKIP=${SKIP#:}
- SKIP=${SKIP:-1}
- # Prompt for the PIN (ReadPassword, P1 and P2 are helpers from the rest of the full script, not shown here)
- ReadPassword "${P1}LUKS: ${P2}"
- # Append the raw key sector; if the device is absent, dd prints nothing and only the PIN is emitted
- dd if="$DEV" count=1 bs=512 skip="$SKIP" 2>/dev/null
In the excerpt, the first four lines parse the first parameter into the key device and the sector number, ReadPassword asks for the password, and dd dumps the key sector to stdout; the key cryptsetup receives is the password immediately followed by the 512 bytes of the sector.
You need to download the keyscript.sh (keyscript.sh) file and put it on your disk, for example at /etc/security/keyscript.sh, and make it executable: it is copied into the initramfs and run from there at boot.
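To make the mechanism concrete, here is a complete keyscript written as an added example for this article; it is not the author's keyscript.sh. It keeps the same "DEV:SECTOR" argument convention and the same fallback behaviour (no device, no sector bytes), and it assumes that Debian's /lib/cryptsetup/askpass is available in the initramfs for the prompt; the KEY_WAIT variable, the function names and the stty fallback are this example's own choices.

```sh
#!/bin/sh
# Added example of a two-factor keyscript; it is not the article's keyscript.sh.
# The initramfs cryptroot code runs it with the crypttab key field as $1
# (e.g. "/dev/sdb:1") and feeds whatever it writes to stdout to cryptsetup.
# Assumption: /lib/cryptsetup/askpass (Debian's cryptsetup prompt helper) is
# present at boot; KEY_WAIT and the function names are this example's own.

KEY_WAIT=${KEY_WAIT:-5}   # seconds to wait for a slow USB stick to appear

# Split "DEV:SECTOR" into DEV and SKIP. The last colon separates the two, so a
# /dev/disk/by-id path that itself contains colons still works as long as the
# sector is given explicitly; SKIP defaults to 1 when it is omitted.
parse_keyarg() {
    DEV=${1%:*}
    SKIP=${1#"$DEV"}
    SKIP=${SKIP#:}
    SKIP=${SKIP:-1}
}

# Read the PIN without echo and print it with no trailing newline: the key is
# compared byte for byte, so a stray "\n" would never match the enrolled slot.
read_pin() {
    if [ -x /lib/cryptsetup/askpass ]; then
        /lib/cryptsetup/askpass "$1"
    else
        printf '%s' "$1" >&2
        stty -echo 2>/dev/null || true
        IFS= read -r pin
        stty echo 2>/dev/null || true
        echo >&2
        printf '%s' "$pin"
    fi
}

# Write PIN || sector to stdout. If the device never shows up, dd prints
# nothing and cryptsetup receives the bare typed string, so the original long
# passphrase (kept in its own key slot) still unlocks the disk.
emit_key() {
    pin=$1 dev=$2 skip=$3
    i=0
    while [ ! -e "$dev" ] && [ "$i" -lt "$KEY_WAIT" ]; do
        sleep 1
        i=$((i + 1))
    done
    printf '%s' "$pin"
    dd if="$dev" bs=512 skip="$skip" count=1 2>/dev/null || true
}

# Only act when called with the key argument, so the file can also be
# sourced to exercise the functions above against a plain image file.
if [ -n "${1:-}" ]; then
    parse_keyarg "$1"
    emit_key "$(read_pin 'LUKS PIN: ')" "$DEV" "$SKIP"
fi
```

The short wait loop matters in practice: USB enumeration can finish after the cryptroot script starts, and without it a stick that is merely slow would be treated as absent. Because the field is split at the last colon, a persistent name such as /dev/disk/by-id/usb-...:1 must always carry the explicit sector.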
To prepare the USB key, we need to choose the sector that will hold our key; I selected the second sector (sector 1) of my non-bootable USB key, which lies in the gap between the partition table and the first partition and so is not used by any filesystem (on a bootable disk this gap holds the boot loader's second stage instead, as shown further down).
Let's look at the USB Key, in my PC it is the /dev/sdb device.
USB Partitions
- #> sfdisk -xluS /dev/sdb
- Disk /dev/sdb: 1022 cylinders, 247 heads, 62 sectors/track
- Units = sectors of 512 bytes, counting from 0
- Device Boot Start End #sectors Id System
- /dev/sdb1 62 15650907 15650846 c W95 FAT32 (LBA)
- /dev/sdb2 0 - 0 0 Empty
- /dev/sdb3 0 - 0 0 Empty
- /dev/sdb4 0 - 0 0 Empty
As you can see the first partition starts at sector 62; sector 0 holds the partition table (MBR) and cannot be used.
To be sure that we can use sector 1, dump the first few sectors of the key.
Correct Disk
- #> dd if=/dev/sdb bs=512 count=4 2>/dev/null | xxd -u -g 1
- 0000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 0000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- ...
- 0000160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 0000170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 0000180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 0000190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 00001a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 00001b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 ................
- 00001c0: 01 00 0C F6 FE FD 3E 00 00 00 1E D0 EE 00 00 00 ......>.........
- 00001d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 00001e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 00001f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA ..............U.
- 0000200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 0000210: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 0000220: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 0000230: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 0000240: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 0000250: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 0000260: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 0000270: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 0000280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 0000290: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 00002a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 00002b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 00002c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 00002d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 00002e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 00002f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 0000300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 0000310: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 0000320: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 0000330: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 0000340: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 0000350: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 0000360: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 0000370: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 0000380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 0000390: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 00003a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 00003b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 00003c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 00003d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 00003e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 00003f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 0000400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 0000410: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 0000420: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- ...
- 00007e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 00007f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
As you can see, sector 1, which spans offsets 0x200 to 0x3ff, contains only zeroes (sector 0 ends with the partition entry at 0x1be and the 55 AA boot signature at 0x1fe).
A disk with a boot loader, like grub, looks like this one.
BAD Disk
- #> dd if=/dev/sda bs=512 count=4 2>/dev/null | xxd -u -g 1
- 0000000: EB 63 90 D0 BC 00 7C 8E C0 8E D8 BE 00 7C BF 00 .c....|......|..
- 0000010: 06 B9 00 02 FC F3 A4 50 68 1C 06 CB FB B9 04 00 .......Ph.......
- ...
- 0000160: 8E C6 FC F3 A5 1F 61 FF 26 5A 7C BE 86 7D EB 03 ......a.&Z|..}..
- 0000170: BE 95 7D E8 34 00 BE 9A 7D E8 2E 00 CD 18 EB FE ..}.4...}.......
- 0000180: 47 52 55 42 20 00 47 65 6F 6D 00 48 61 72 64 20 GRUB .Geom.Hard
- 0000190: 44 69 73 6B 00 52 65 61 64 00 20 45 72 72 6F 72 Disk.Read. Error
- 00001a0: 0D 0A 00 BB 01 00 B4 0E CD 10 AC 3C 00 75 F4 C3 ...........<.u..
- 00001b0: 00 00 00 00 00 00 00 00 A7 B4 13 C1 00 00 00 00 ................
- 00001c0: 01 01 83 FE 3F 7E C1 3E 00 00 FE E2 1E 00 00 00 ....?~.>........
- 00001d0: 01 7F 17 FE FF FF BF 21 1F 00 00 20 D8 07 80 FE .......!... ....
- 00001e0: FF FF 07 FE FF FF BF 41 F7 07 00 20 D8 07 00 FE .......A... ....
- 00001f0: FF FF 05 FE FF FF BF 61 CF 0F 82 EA 68 2A 55 AA .......a....h*U.
- 0000200: 52 56 BE 1B 81 E8 39 01 5E BF F4 81 66 8B 2D 83 RV....9.^...f.-.
- 0000210: 7D 08 00 0F 84 E2 00 80 7C FF 00 74 46 66 8B 1D }.......|..tFf..
- 0000220: 66 8B 4D 04 66 31 C0 B0 7F 39 45 08 7F 03 8B 45 f.M.f1...9E....E
- 0000230: 08 29 45 08 66 01 05 66 83 55 04 00 C7 04 10 00 .)E.f..f.U......
- 0000240: 89 44 02 66 89 5C 08 66 89 4C 0C C7 44 06 00 70 .D.f.\.f.L..D..p
- 0000250: 50 C7 44 04 00 00 B4 42 CD 13 0F 82 AF 00 BB 00 P.D....B........
- 0000260: 70 EB 66 66 8B 45 04 66 09 C0 0F 85 97 00 66 8B p.ff.E.f......f.
- 0000270: 05 66 31 D2 66 F7 34 88 54 0A 66 31 D2 66 F7 74 .f1.f.4.T.f1.f.t
- 0000280: 04 88 54 0B 89 44 0C 3B 44 08 7D 79 8B 04 2A 44 ..T..D.;D.}y..*D
- 0000290: 0A 39 45 08 7F 03 8B 45 08 29 45 08 66 01 05 66 .9E....E.)E.f..f
- 00002a0: 83 55 04 00 8A 54 0D C0 E2 06 8A 4C 0A FE C1 08 .U...T.....L....
- 00002b0: D1 8A 6C 0C 5A 52 8A 74 0B 50 BB 00 70 8E C3 31 ..l.ZR.t.P..p..1
- 00002c0: DB B4 02 CD 13 72 46 8C C3 8E 45 0A 58 C1 E0 05 .....rF...E.X...
- 00002d0: 01 45 0A 60 1E C1 E0 03 89 C1 31 FF 31 F6 8E DB .E.`......1.1...
- 00002e0: FC F3 A5 1F BE 23 81 E8 57 00 61 83 7D 08 00 0F .....#..W.a.}...
- 00002f0: 85 24 FF 83 EF 0C E9 16 FF BE 25 81 E8 42 00 5A .$........%..B.Z
- 0000300: EA 00 82 00 00 BE 28 81 E8 36 00 EB 06 BE 2D 81 ......(..6....-.
- 0000310: E8 2E 00 BE 32 81 E8 28 00 EB FE 6C 6F 61 64 69 ....2..(...loadi
- 0000320: 6E 67 00 2E 00 0D 0A 00 47 65 6F 6D 00 52 65 61 ng......Geom.Rea
- 0000330: 64 00 20 45 72 72 6F 72 00 BB 01 00 B4 0E CD 10 d. Error........
- 0000340: 46 8A 04 3C 00 75 F2 C3 00 00 00 00 00 00 00 00 F..<.u..........
- 0000350: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 0000360: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 0000370: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 0000380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 0000390: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 00003a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 00003b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 00003c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 00003d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 00003e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
- 00003f0: 00 00 00 00 02 00 00 00 00 00 00 00 65 00 20 08 ............e. .
- 0000400: EA 21 82 00 00 00 04 00 74 3E 00 00 70 74 00 00 .!......t>..pt..
- 0000410: A7 56 00 00 FE FF FF FF FE FF FF FF 89 66 00 00 .V...........f..
- 0000420: 00 FA 31 C0 8E D8 8E D0 8E C0 66 BD F0 1F 00 00 ..1.......f.....
- ...
- 00007e0: 19 8D 0C 17 89 55 D0 8A 14 01 88 14 03 40 39 45 .....U.......@9E
- 00007f0: DC 7D F4 8B 55 D0 03 5D E4 42 31 C0 3B 55 DC 7C .}..U..].B1.;U.|
As you can see, sector 1 of this disk holds GRUB's second stage (GRUB embeds its core image in the gap right after the MBR), so it cannot be used: never pick a sector on a disk you boot from.
Now we initialize the key sector with the random bits that will be our key. I randomize all 61 sectors of the gap (sectors 1 to 61, skipping the MBR at sector 0), so the key sector is indistinguishable from its neighbours; the preliminary zeroing pass is not strictly needed, since the random write overwrites the same sectors.
USB Initialization
- #> dd if=/dev/zero of=/dev/sdb bs=512 seek=1 count=61
- #> dd if=/dev/urandom of=/dev/sdb bs=512 seek=1 count=61
Now that the key material exists on the stick, add it to the encrypted device as a new key slot, in my case /dev/sda5:
LUKS Key Setup
- #> { printf '%s' 'my_pin' ; dd if=/dev/sdb bs=512 skip=1 count=1 ; } > keyfile
- #> cryptsetup --verbose luksAddKey /dev/sda5 keyfile
- #> cryptsetup --verbose luksDump /dev/sda5
- #> wipe keyfile
The PIN is my_pin: change it to your own. printf '%s' writes it without a trailing newline, exactly as the keyscript does, so the keyfile matches byte for byte what the script will emit at boot. luksAddKey asks for an existing passphrase (the long one) before adding the slot, and luksDump should then show one more active key slot. Keep in mind that anyone who images the USB key only has to guess the PIN, slowed down by the key slot's iteration count shown by luksDump, so choose a PIN longer than four digits if the stick can be copied.
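The checks on the key sector above (it must not be sector 0, must not fall inside a partition, and must still be blank), the random initialization, and the keyfile built from PIN plus sector, gathered into one script as an added example; these are not the article's own commands. The MBR is parsed directly with od(1), so the checks run against a plain image file as well as /dev/sdb. The function names, the "enroll" entry point, and the use of mktemp, shred and cryptsetup's --test-passphrase verification are this example's own choices.

```sh
#!/bin/sh
# Added example, not the article's own commands: pre-flight checks and
# enrolment for the key sector. Function names, the "enroll" entry point and
# the use of shred/mktemp are this example's choices.
set -e

# Unsigned little-endian 32-bit integer at byte OFFSET of FILE.
le32_at() {
    od -An -t u4 -j "$2" -N 4 "$1" | tr -d ' '
}

# True if FILE ends its first sector with the 0x55AA boot signature.
has_mbr() {
    [ "$(od -An -t x1 -j 510 -N 2 "$1" | tr -d ' ')" = "55aa" ]
}

# Print "start size" (512-byte sectors) for each used entry of the 4-slot MBR
# table at offset 446; LBA start is at +8 and size at +12 of each 16-byte entry.
mbr_partitions() {
    i=0
    while [ "$i" -lt 4 ]; do
        off=$((446 + i * 16))
        size=$(le32_at "$1" $((off + 12)))
        if [ "$size" -ne 0 ]; then
            echo "$(le32_at "$1" $((off + 8))) $size"
        fi
        i=$((i + 1))
    done
}

# True if SECTOR is neither the MBR (sector 0) nor inside any partition.
sector_is_free() {
    [ "$2" -gt 0 ] || return 1
    has_mbr "$1" || return 1
    mbr_partitions "$1" | while read -r start size; do
        if [ "$2" -ge "$start" ] && [ "$2" -lt $((start + size)) ]; then
            exit 1          # leaves the while subshell with status 1
        fi
    done
}

# True if SECTOR holds 512 zero bytes (nothing stored there yet).
sector_is_zero() {
    hex=$(dd if="$1" bs=512 skip="$2" count=1 2>/dev/null | od -An -v -t x1 | tr -d ' \n')
    [ "${#hex}" -eq 1024 ] || return 1
    case $hex in *[!0]*) return 1 ;; esac
}

# Fill SECTOR with fresh random bytes: this is the possession factor.
init_key_sector() {
    dd if=/dev/urandom of="$1" bs=512 seek="$2" count=1 conv=notrunc,fsync 2>/dev/null
}

# Build the key cryptsetup will see: PIN (no newline) followed by the raw sector.
make_keyfile() {
    { printf '%s' "$1"; dd if="$2" bs=512 skip="$3" count=1 2>/dev/null; } > "$4"
}

# enroll PIN DEV SECTOR LUKSDEV: check, randomise, add the slot, prove it works.
# Needs root; luksAddKey asks for an existing (long) passphrase first.
enroll() {
    pin=$1 dev=$2 sector=$3 luksdev=$4
    sector_is_free "$dev" "$sector" || { echo "sector $sector is the MBR or inside a partition" >&2; return 1; }
    sector_is_zero "$dev" "$sector" || { echo "sector $sector is not blank, refusing to overwrite it" >&2; return 1; }
    init_key_sector "$dev" "$sector"
    keyfile=$(mktemp)
    make_keyfile "$pin" "$dev" "$sector" "$keyfile"
    cryptsetup luksAddKey "$luksdev" "$keyfile"
    # --test-passphrase tries the key against the header without mapping the device
    cryptsetup open --test-passphrase --key-file "$keyfile" "$luksdev"
    shred -u "$keyfile"
}

if [ "${1:-}" = enroll ]; then
    enroll "$2" "$3" "$4" "$5"
fi
```

Run it as sh enroll.sh enroll my_pin /dev/sdb 1 /dev/sda5. The final cryptsetup open --test-passphrase is the step worth keeping even if you do the rest by hand: it proves, before you reboot, that the bytes the keyscript will assemble really open a slot. This version randomizes only the chosen sector; if you want the key sector to be indistinguishable from its neighbours as in the article, randomize the whole gap up to the first partition's start first and then run the enrolment with the blank check removed.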
Configure the boot process updating the /etc/crypttab file:
/etc/crypttab
- sda5_crypt UUID=67e656f0-c431-42b0-afa4-bb65c813589c /dev/sdb:1 luks,keyscript=/etc/security/keyscript.sh
We have specified the key script (keyscript=/etc/security/keyscript.sh) and, in the key field, the device and the sector to use (/dev/sdb:1). Names like /dev/sdb are assigned in enumeration order and can change between boots; a persistent name such as /dev/disk/by-id/usb-...:1 is safer, and because the script splits the field at the last colon, the sector number must then always be given explicitly.
The last step is to rebuild the initramfs so that it includes the keyscript and the new crypttab; you can confirm the script made it in by listing the new image with lsinitramfs.
Update the boot process
- #> update-initramfs -u
All done
Next time you reboot the PC you'll see the "LUKS:" prompt: type the short PIN with the USB key plugged in, or the original long passphrase without it. The fallback works because, when the key device is missing, dd outputs nothing and the keyscript emits only what you typed, which still matches the original key slot.
This is only a starting point: with the keyscript.sh (keyscript.sh) file you can do whatever you want to find or generate the key to pass to LUKS.
For example, you could mount a filesystem and use a specific file as the key.