disk_encryption.md

Disk encryption

This document describes how a physical block device is encrypted with sabakan-cryptsetup.

Steps to encrypt a block device

  1. sabakan-cryptsetup tries to detect TPM 2.0. If TPM 2.0 is available, it generates a random key and stores it in the TPM. The length of the key is the same as the --keysize given to sabakan-cryptsetup.
  2. sabakan-cryptsetup reads meta data from the head of the block device.
  3. If meta data is not found:
    1. Generate two random keys of the specified length.
    2. Call cryptsetup to set up an encrypted block device using the calculated key.
    3. Format the disk using one of the two keys as described in the next section.
    4. Store the other key in sabakan.
    5. Done.
  4. If meta data is found:
    1. If meta data indicates that it is formatted without TPM:
      1. If TPM 2.0 is available now, go to step 3.
      2. If TPM 2.0 remains unavailable, go to step 5.
  5. Read the key ID from the meta data to retrieve the key-encryption-key from sabakan.
  6. Calculate the disk encryption key from the retrieved key and the key stored in the meta data, and optionally the key stored in TPM.
  7. Use the encryption key to call cryptsetup.
  8. Done.

Disk encryption keys

sabakan-cryptsetup uses bitwise XOR to calculate the disk encryption key from divided keys. This is called a one-time pad.

When TPM 2.0 is available, the keys are divided into three. When not, the keys are divided into two.

Two keys are generated for a block device. A key in TPM is shared among all block devices. One of the two keys is stored in the meta data in the block device. The other key is stored in sabakan using its REST API.

Disk layout

Disks encrypted with sabakan-cryptsetup have 2 MiB of meta data at the beginning. The meta data itself is not encrypted. The format of meta data is as follows:

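| Offset | Length (bytes) | Value                     |
| ------ | -------------- | ------------------------- |
| 0x0000 | 20             | "\x80sabakan-cryptsetup3" |
| 0x0014 | 1              | Key size (bytes)          |
| 0x0015 | 1              | TPM version ID            |
| 0x0016 | 1              | Length of cipher name     |
| 0x0017 | 105            | Cipher name               |
| 0x0080 | 16             | Random ID                 |
| 0x0090 | varies         | Key encryption key        |
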
  • The maximum length of cipher name is 105.
  • Unused areas are filled with 0x88.
  • The size of key encryption key (KEK) is the same as the key size at 0x0014.

TPM version IDs

| ID | Version             |
| -- | ------------------- |
| 0  | Not exist           |
| 1  | 1.2 (not supported) |
| 2  | 2.0                 |
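
The layout table and the XOR rule from "Disk encryption keys", as an added Go example that is not sabakan-cryptsetup's own code: it parses a metadata header, then XORs the stored key share with the sabakan share and, for TPM version ID 2, the TPM share. The type and function names, the rejection of key size 0 and of TPM IDs other than 0 and 2, and all sample bytes (cipher name, ID, key shares) are assumptions of this example.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
)

const magic = "\x80sabakan-cryptsetup3" // 20 bytes at offset 0x0000

type Header struct { // plaintext metadata fields; names are this example's own
	TPMVersion int
	Cipher     string
	ID, Key    []byte // random ID at 0x0080, stored key share at 0x0090
}

// ParseHeader decodes the documented layout and rejects lengths that do not fit it.
func ParseHeader(b []byte) (*Header, error) {
	if len(b) < 0x90 || !bytes.HasPrefix(b, []byte(magic)) {
		return nil, errors.New("not a sabakan-cryptsetup3 header")
	}
	ks, tpm, n := int(b[0x14]), int(b[0x15]), int(b[0x16])
	if n > 105 || ks == 0 || len(b) < 0x90+ks || (tpm != 0 && tpm != 2) {
		return nil, errors.New("bad length field or unsupported TPM version ID")
	}
	return &Header{tpm, string(b[0x17 : 0x17+n]), b[0x80:0x90], b[0x90 : 0x90+ks]}, nil
}

// DeriveKey XORs the header share with the sabakan share, plus the TPM share for TPM ID 2.
func DeriveKey(h *Header, sabakanKey, tpmKey []byte) ([]byte, error) {
	if h.TPMVersion != 2 {
		tpmKey = make([]byte, len(h.Key)) // two-share case: XOR with zeros changes nothing
	}
	if len(sabakanKey) != len(h.Key) || len(tpmKey) != len(h.Key) {
		return nil, errors.New("key share length does not match key size")
	}
	out := make([]byte, len(h.Key))
	for i := range out {
		out[i] = h.Key[i] ^ sabakanKey[i] ^ tpmKey[i]
	}
	return out, nil
}

func main() {
	// Constructed sample: key size 4, TPM ID 2, cipher name, 0x88 fill, ID, key share.
	b := append(append([]byte(magic), 4, 2, 15), "aes-xts-plain64"...)
	b = append(append(b, bytes.Repeat([]byte{0x88}, 105-15)...), "constructed-id-0\x0f\xf0\xaa\x55"...)
	if h, err := ParseHeader(b); err == nil {
		fmt.Println(DeriveKey(h, []byte{1, 2, 3, 4}, []byte{0x10, 0x20, 0x30, 0x40}))
	}
}
```

Because the header is unencrypted and unauthenticated, every length byte is checked against the buffer before it is used as a slice bound.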

Conversion from old layouts

If the meta data has \x80sabakan-cryptsetup2 in its first 20 bytes, the meta data will be automatically converted to the current disk layout without TPM information.

TPM 2.0

sabakan-cryptsetup reads from and writes to /dev/tpm0 if the server supports TPM 2.0.

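| Name | Offset     | Size (bytes) | Description                                   |
| ---- | ---------- | ------------ | --------------------------------------------- |
| Key  | 0x01000000 | varies       | A random key, generated with Go's crypto/rand. |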