Full disk encryption without a boot partition

Tobias Weingartner weingart at tepid.org
Fri Dec 28 09:58:44 PST 2012

You can think of the openbsd part to be a crypt softraid volume.  One of the
parts of the volume can be a "key" disk (think usb stick/etc) that could contain
the key parts to help with booting without a passphrase, yet support the quick
rendering of the whole system as a brick of bits.

Of course, you can type the passphrase if you choose to.


On Thu, Dec 27, 2012 at 11:48 PM, Alex Hornung <alex at alexhornung.com> wrote:
> On 27/12/12 22:40, mhca12 wrote:
>> On Thu, Dec 27, 2012 at 11:00 PM, Alex Hornung <alex at alexhornung.com> wrote:
>>> On 27/12/12 22:13, mhca12 wrote:
>>>> On Thu, Dec 27, 2012 at 10:08 PM, Alex Hornung <alex at alexhornung.com> wrote:
>>>>> On 26/12/12 22:19, mhca12 wrote:
>>>>>> Are there any plans or is there already support for full
>>>>>> disk encryption without the need for a boot partition?
>>>>> No, the userland tool that sets up the decryption of the root partition,
>>>>> as well as the kernel and modules need to be somewhere that is not
>>>>> encrypted - otherwise the boot loader would need to support the disk
>>>>> encryption.
>>>> Seems like OpenBSD 5.2's bootloader can do that.
>>>> Any idea how they did it?
>>>  I didn't say that it's impossible, I just stated what would be
>>> required. There are no plans to do any such thing in DragonFly BSD, as
>>> there is pretty much no point. Doing it in any other way than with the
>>> separate /boot partition overcomplicates everything by an order of
>>> magnitude (since, for example, the setup cannot occur in userland
>>> anymore) for no real benefit.
>> Sorry that I wasn't precise. I meant to say I find it hard to believe that
>> OpenBSD extended the bootloader to do decryption.
>> Your stated reasons make a lot of sense and I will try to find out
>> how it works in OpenBSD because I'm curious.
> I digged around a bit this morning out of interest. It seems a good
> chunk of cryptography was added to libstand, which, afaict, is what the
> bootloader uses - pbkdf2, AES, AES-XTS, SHA1, HMAC-SHA1.
> Those components are indicative of disk encryption - pbkdf2 will derive
> a key from your passphrase, AES-XTS is the nowadays preferred block
> cipher (and mode) for disk encryption, HMAC-SHA1 provides authenticated
> message integrity.
> That said, I haven't found much else in the bootloader code except some
> rudimentary softraid support. From a short look I'd say pieces are still
> missing (or maybe I've just missed them), but there is definitely some
> work on extending the OpenBSD bootloader to support full disk encryption.
> That said and going back to DragonFly - our encryption scheme is much
> more flexible than OpenBSD's. The in-kernel part is almost completely
> generic, and userland tools provide the knowledge about the header for
> LUKS (cryptsetup) and TrueCrypt (tcplay), for example. We also support a
> large number of block ciphers, IV generation schemes, etc, as required
> by LUKS and tcplay.
> Supporting everything in the bootloader would be a lot of work, and I
> simply don't see the benefit. There is nothing wrong with having an
> unencrypted /boot partition - and you could in principle use an external
> /boot partition on, say, a USB stick.
> HTH,
> Alex

More information about the Users mailing list