Technical Details: Encrypted Partition Encryption/Decryption
The encrypted partition that forms the bulk of an encrypted volume is encrypted on a 512 byte, sector-by-sector basis using:
- The master key stored within the volume's CDB (or keyfile)
- A per-sector IV (provided that the cypher used has a fixed blocksize, greater than zero)
Per-Sector IV Generation
The manner in which per-sector IVs are generated depends on the IV generation method the user selected when creating the volume:
| IV Generation Method | Description |
| --- | --- |
| Null IV | No IV is used / a null IV is used, i.e. a block of data consisting of 0x00 (null) characters is used as the IV. |
| 32 bit sector ID | The least significant 32 bits of the sector ID are right-padded with 0x00 characters and used as the IV. These bits are ordered MSB..LSB. |
| 64 bit sector ID | As the 32 bit sector ID method, but a 64 bit sector ID is used. Note: This is unlikely to offer any security advantage over using 32 bit sector IDs, unless used with a volume file ((2^32) * 512) bytes long (2048GB), or greater. |
| Hashed 32 bit sector ID | The least significant 32 bits of the sector ID are hashed with the user's choice of hash algorithm. The resulting hash value is truncated/right-padded with 0x00 characters until it is the same length as the cypher's blocksize. |
| Hashed 64 bit sector ID | As the hashed 32 bit sector ID method, but a 64 bit sector ID is used. Note: This is unlikely to offer any security advantage over using 32 bit sector IDs, unless used with a volume file ((2^32) * 512) bytes long (2048GB), or greater. |
| ESSIV | This option offers the most security. On mounting the FreeOTFE volume, the master key used for encrypting/decrypting the volume is hashed with the hash algorithm chosen by the user when the volume was created. If the cypher used for encryption/decryption has a fixed keysize, this hash output is truncated/right-padded with 0x00 characters until it matches the cypher's keysize, and is stored as the "ESSIV key" (or "salt"). If the cypher doesn't have a fixed keysize, the full hash output is stored as this key ("salt"). When a per-sector IV is required, the 64 bit sector ID is encrypted using the "ESSIV key". This encrypted sector ID is truncated/right-padded with 0x00 characters until it matches the cypher's blocksize. |
In all cases, the sector ID is calculated as:

Sector ID = (Ostart - Soffset) % Ssize

where:
- Ostart: The offset within the host volume/partition from where the encrypted partition begins (i.e. after any CDB)
- Soffset: The offset within the encrypted partition from where the sector begins
- Ssize: The sector size of the emulated drive (i.e. 512 bytes)
- %: The modulus operator
Putting it another way, this is the sector ID (starting from zero) of the partition as it appears to the host OS after mounting.
If the user opted to additionally use per-volume IVs when the volume was created, the IVs generated using the method selected by the user when the volume was created are XORed with a "per-volume" IV. This "per-volume" IV is a block of data equal in length to the blocklength of the cypher used to encrypt the volume; it consists of random data generated when the volume was created, and is stored within the volume's CDB (or keyfile).
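The IV derivations described above (the table's methods plus the optional per-volume IV step), written out as an added example in Go using only the standard library; this is not FreeOTFE's own code. It assumes SHA-256 as the user's chosen hash, AES-256 as the cypher, and that the 64 bit sector ID is right-padded with 0x00 to a full block before the ESSIV encryption, a detail the page does not spell out.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/sha256"
	"encoding/binary"
)

// fitTo returns b truncated or right-padded with 0x00 bytes to exactly n bytes.
func fitTo(b []byte, n int) []byte {
	out := make([]byte, n) // zero-filled, so a short input is right-padded
	copy(out, b)           // copy stops after n bytes, so a long input is truncated
	return out
}

// essivCipher derives the "ESSIV key" (salt): the master key is hashed and the
// digest fitted to the cypher's fixed key size. Assumed: SHA-256 and AES-256.
func essivCipher(masterKey []byte) (cipher.Block, error) {
	h := sha256.Sum256(masterKey)
	return aes.NewCipher(fitTo(h[:], 32))
}

// sectorIV derives one sector's IV. method is "null", "sector", "hashed" or "essiv";
// idBits (32 or 64) selects how much of the sector ID "sector" and "hashed" use;
// essiv is needed only for "essiv"; a non-nil perVolumeIV is XORed in afterwards.
func sectorIV(method string, idBits int, sectorID uint64, blockSize int, essiv cipher.Block, perVolumeIV []byte) []byte {
	id64 := make([]byte, 8)
	binary.BigEndian.PutUint64(id64, sectorID) // bits ordered MSB..LSB
	id := id64[8-idBits/8:]                    // least significant idBits bits
	iv := make([]byte, blockSize)              // "null": a block of 0x00 bytes
	switch method {
	case "sector":
		iv = fitTo(id, blockSize)
	case "hashed":
		h := sha256.Sum256(id) // SHA-256 assumed as the user's chosen hash
		iv = fitTo(h[:], blockSize)
	case "essiv": // the 64 bit sector ID, padded to one block, encrypted under the ESSIV key
		buf := fitTo(id64, essiv.BlockSize())
		essiv.Encrypt(buf, buf)
		iv = fitTo(buf, blockSize)
	case "null":
	default:
		return nil // unknown method
	}
	for i := 0; i < len(iv) && i < len(perVolumeIV); i++ {
		iv[i] ^= perVolumeIV[i] // optional per-volume IV step; len(nil) == 0 skips it
	}
	return iv
}
```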