First, let's look at an example of how encrypted data looks compared with plain text.
We are going to create a 32-megabyte file for the test; if you want to replicate this, you can use whatever size you like.
To do this we will use the dd command, and to make it clear which data is encrypted and which is not, the file will be filled from /dev/zero.
Code:
dd if=/dev/zero of=encrypted_data.dat bs=1M count=32
16+0 records in
16+0 records out
16777216 bytes (17 MB, 16 MiB) copied, 0.0081657 s, 2.1 GB/s
We list the file to check that it was created and has the right size
Code:
ls -lh encrypted_data.dat
-rw-r--r-- 1 albertobsd albertobsd 32M Jul 10 16:28 encrypted_data.dat
We verify that our file is full of zeros for this example
Code:
file encrypted_data.dat
encrypted_data.dat: data
Code:
hexedit encrypted_data.dat
00000000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000018 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000048 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000060 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000078 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
000000A8 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
000000C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
000000D8 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
000000F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000108 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000120 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000138 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000150 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000168 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000180 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000198 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
000001B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
000001C8 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
000001E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
000001F8 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000210 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000228 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000240 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000258 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000270 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000288 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
000002A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
I wrote a program that reports the Shannon entropy for each chunk of a given number of bytes in the file
Code:
./chunkentropy encrypted_data.dat 1048576
Chunk 1: from 0x00000000 to 0x000fffff Entropy = 0.000000
Chunk 2: from 0x00100000 to 0x001fffff Entropy = 0.000000
Chunk 3: from 0x00200000 to 0x002fffff Entropy = 0.000000
Chunk 4: from 0x00300000 to 0x003fffff Entropy = 0.000000
Chunk 5: from 0x00400000 to 0x004fffff Entropy = 0.000000
Chunk 6: from 0x00500000 to 0x005fffff Entropy = 0.000000
Chunk 7: from 0x00600000 to 0x006fffff Entropy = 0.000000
Chunk 8: from 0x00700000 to 0x007fffff Entropy = 0.000000
Chunk 9: from 0x00800000 to 0x008fffff Entropy = 0.000000
Chunk 10: from 0x00900000 to 0x009fffff Entropy = 0.000000
Chunk 11: from 0x00a00000 to 0x00afffff Entropy = 0.000000
Chunk 12: from 0x00b00000 to 0x00bfffff Entropy = 0.000000
Chunk 13: from 0x00c00000 to 0x00cfffff Entropy = 0.000000
Chunk 14: from 0x00d00000 to 0x00dfffff Entropy = 0.000000
Chunk 15: from 0x00e00000 to 0x00efffff Entropy = 0.000000
Chunk 16: from 0x00f00000 to 0x00ffffff Entropy = 0.000000
Chunk 17: from 0x01000000 to 0x010fffff Entropy = 0.000000
Chunk 18: from 0x01100000 to 0x011fffff Entropy = 0.000000
Chunk 19: from 0x01200000 to 0x012fffff Entropy = 0.000000
Chunk 20: from 0x01300000 to 0x013fffff Entropy = 0.000000
Chunk 21: from 0x01400000 to 0x014fffff Entropy = 0.000000
Chunk 22: from 0x01500000 to 0x015fffff Entropy = 0.000000
Chunk 23: from 0x01600000 to 0x016fffff Entropy = 0.000000
Chunk 24: from 0x01700000 to 0x017fffff Entropy = 0.000000
Chunk 25: from 0x01800000 to 0x018fffff Entropy = 0.000000
Chunk 26: from 0x01900000 to 0x019fffff Entropy = 0.000000
Chunk 27: from 0x01a00000 to 0x01afffff Entropy = 0.000000
Chunk 28: from 0x01b00000 to 0x01bfffff Entropy = 0.000000
Chunk 29: from 0x01c00000 to 0x01cfffff Entropy = 0.000000
Chunk 30: from 0x01d00000 to 0x01dfffff Entropy = 0.000000
Chunk 31: from 0x01e00000 to 0x01efffff Entropy = 0.000000
Chunk 32: from 0x01f00000 to 0x01ffffff Entropy = 0.000000
For example, if we fill the first megabyte of the file with random data
Code:
dd if=/dev/urandom of=encrypted_data.dat bs=1M count=1 conv=notrunc
The output will look like this:
Code:
$ ./chunkentropy encrypted_data.dat 1048576
Chunk 1: from 0x00100000 to 0x001fffff Entropy = 7.999838
Chunk 2: from 0x00200000 to 0x002fffff Entropy = 0.000000
Chunk 3: from 0x00300000 to 0x003fffff Entropy = 0.000000
....
As you can see, only the first chunk changes, to an entropy of almost 8, which in this case is the highest.
For example, a small base64 file looks like this:
Code:
./chunkentropy header.64 1048576
Chunk 1: from 0x00100000 to 0x001004d8 Entropy = 5.903432
Now we will format our file as a LUKS file
Code:
sudo cryptsetup --verbose --cipher aes-xts-plain64 --key-size 256 --hash sha256 --iter-time 10000 --use-urandom --verify-passphrase luksFormat ./encrypted_data.dat
It will ask us to type YES in uppercase and then our passphrase twice to verify that it is correct
If we now use file and hexedit we will see the following:
Code:
file encrypted_data.dat
encrypted_data.dat: LUKS encrypted file, ver 2 [, , sha256] UUID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
Code:
00000000 4C 55 4B 53 BA BE 00 02 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 03 LUKS..........@.........
00000018 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000048 73 68 61 32 35 36 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 sha256..................
00000060 00 00 00 00 00 00 00 00 7E 5B D3 B6 82 38 CE 03 00 BE 7C 85 B0 DA 58 19 ........~[...8....|...X.
00000078 58 0D 6E 00 44 C3 5A 69 2F 01 F5 C3 07 C9 59 09 9A D6 7D 12 FF ED B5 41 X.n.D.Zi/.....Y...}....A
00000090 94 1D 3D E4 D3 5A F4 E8 50 E0 3B F3 42 29 26 F1 AE FD 40 24 6E 18 0E 36 ..=..Z..P.;.B)&...@$n..6
000000A8 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF xxxxxxxx-xxxx-xxxx-xxxx-
000000C0 FF FF FF FF FF FF FF FF FF FF FF FF 00 00 00 00 00 00 00 00 00 00 00 00 xxxxxxxxxxxx............
000000D8 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
000000F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000108 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000120 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000138 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000150 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000168 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000180 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000198 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
000001B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 32 46 66 C1 97 16 D8 E5 ................2Ff.....
000001C8 13 46 1B 8F 93 E7 61 E0 0A 5D 10 AD 46 40 A6 5E BF 80 F4 DE 21 7D 9C 59 .F....a..]..F@.^....!}.Y
000001E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
000001F8 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000210 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000228 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000240 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000258 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000270 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
00000288 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
000002A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
As we can see, it now has a header
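The dump above is the start of the LUKS2 binary header. As an added example (not part of the original post), this parser decodes that 4096-byte structure following the LUKS2 on-disk format and rechecks its checksum. The sample header is constructed: it reuses the values visible in the dump (version 2, hdr_size 0x4000, seqid 3, sha256), while the salt, UUID and JSON area are placeholders.

```python
import hashlib
import struct

LUKS2_MAGIC = b"LUKS\xba\xbe"
# Big-endian layout of the 4096-byte binary header, per the LUKS2 on-disk format:
# magic[6] version(u16) hdr_size(u64) seqid(u64) label[48] checksum_alg[32]
# salt[64] uuid[40] subsystem[48] hdr_offset(u64) pad[184] csum[64] pad[3584]
HDR = struct.Struct(">6sHQQ48s32s64s40s48sQ184s64s3584s")
CSUM_OFFSET, CSUM_LEN = 448, 64
ALLOWED_ALGS = {"sha1", "sha256", "sha512"}  # assumption: small allow-list for this demo


def _cstr(raw: bytes) -> str:
    """Decode a NUL-padded fixed-width field."""
    return raw.split(b"\0", 1)[0].decode("ascii", "replace")


def parse_luks2_header(blob: bytes) -> dict:
    """Decode the primary binary header found at offset 0 of the container."""
    if len(blob) < HDR.size:
        raise ValueError("need at least 4096 bytes")
    (magic, version, hdr_size, seqid, label, alg, salt, uuid,
     subsystem, hdr_offset, _pad, csum, _pad4k) = HDR.unpack_from(blob)
    if magic != LUKS2_MAGIC or version != 2:
        raise ValueError("not a primary LUKS2 header")
    return {
        "hdr_size": hdr_size, "seqid": seqid, "label": _cstr(label),
        "checksum_alg": _cstr(alg), "salt": salt, "uuid": _cstr(uuid),
        "subsystem": _cstr(subsystem), "hdr_offset": hdr_offset, "csum": csum,
    }


def verify_checksum(blob: bytes) -> bool:
    """Recompute the digest over binary header + JSON area with csum zeroed."""
    hdr = parse_luks2_header(blob)
    if hdr["checksum_alg"] not in ALLOWED_ALGS:
        raise ValueError("unexpected checksum algorithm")
    if not HDR.size <= hdr["hdr_size"] <= len(blob):
        raise ValueError("hdr_size outside the supplied data")
    area = bytearray(blob[:hdr["hdr_size"]])
    area[CSUM_OFFSET:CSUM_OFFSET + CSUM_LEN] = bytes(CSUM_LEN)
    digest = hashlib.new(hdr["checksum_alg"], bytes(area)).digest()
    # The digest occupies the start of the 64-byte field; the rest stays zero.
    return hdr["csum"] == digest.ljust(CSUM_LEN, b"\0")


def make_sample_header() -> bytes:
    """Constructed sample: 16 KiB header area with placeholder salt, UUID and JSON."""
    binary = HDR.pack(LUKS2_MAGIC, 2, 0x4000, 3, b"", b"sha256", bytes(range(64)),
                      b"00000000-0000-0000-0000-000000000000", b"", 0,
                      b"", b"", b"")
    json_area = b'{"keyslots":{}}'.ljust(0x4000 - HDR.size, b"\0")
    area = bytearray(binary + json_area)
    area[CSUM_OFFSET:CSUM_OFFSET + 32] = hashlib.sha256(bytes(area)).digest()
    return bytes(area)


if __name__ == "__main__":
    sample = make_sample_header()
    fields = parse_luks2_header(sample)
    print({k: v for k, v in fields.items() if k not in ("salt", "csum")})
    print("checksum ok:", verify_checksum(sample))
```

To inspect a real container, pass the first hdr_size bytes of the file to the same two functions.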
Let's see what the entropy looks like for this example
Code:
./chunkentropy encrypted_data.dat 1048576
Chunk 1: from 0x00000000 to 0x000fffff Entropy = 7.938425
Chunk 2: from 0x00100000 to 0x001fffff Entropy = 7.999824
Chunk 3: from 0x00200000 to 0x002fffff Entropy = 7.999804
Chunk 4: from 0x00300000 to 0x003fffff Entropy = 7.999826
Chunk 5: from 0x00400000 to 0x004fffff Entropy = 7.999821
Chunk 6: from 0x00500000 to 0x005fffff Entropy = 7.999819
Chunk 7: from 0x00600000 to 0x006fffff Entropy = 7.999830
Chunk 8: from 0x00700000 to 0x007fffff Entropy = 7.999810
Chunk 9: from 0x00800000 to 0x008fffff Entropy = 7.999794
Chunk 10: from 0x00900000 to 0x009fffff Entropy = 7.999838
Chunk 11: from 0x00a00000 to 0x00afffff Entropy = 7.999839
Chunk 12: from 0x00b00000 to 0x00bfffff Entropy = 7.999822
Chunk 13: from 0x00c00000 to 0x00cfffff Entropy = 7.999832
Chunk 14: from 0x00d00000 to 0x00dfffff Entropy = 7.999830
Chunk 15: from 0x00e00000 to 0x00efffff Entropy = 7.999827
Chunk 16: from 0x00f00000 to 0x00ffffff Entropy = 7.999808
Chunk 17: from 0x01000000 to 0x010fffff Entropy = 0.000000
Chunk 18: from 0x01100000 to 0x011fffff Entropy = 0.000000
Chunk 19: from 0x01200000 to 0x012fffff Entropy = 0.000000
Chunk 20: from 0x01300000 to 0x013fffff Entropy = 0.000000
Chunk 21: from 0x01400000 to 0x014fffff Entropy = 0.000000
Chunk 22: from 0x01500000 to 0x015fffff Entropy = 0.000000
Chunk 23: from 0x01600000 to 0x016fffff Entropy = 0.000000
Chunk 24: from 0x01700000 to 0x017fffff Entropy = 0.000000
Chunk 25: from 0x01800000 to 0x018fffff Entropy = 0.000000
Chunk 26: from 0x01900000 to 0x019fffff Entropy = 0.000000
Chunk 27: from 0x01a00000 to 0x01afffff Entropy = 0.000000
Chunk 28: from 0x01b00000 to 0x01bfffff Entropy = 0.000000
Chunk 29: from 0x01c00000 to 0x01cfffff Entropy = 0.000000
Chunk 30: from 0x01d00000 to 0x01dfffff Entropy = 0.000000
Chunk 31: from 0x01e00000 to 0x01efffff Entropy = 0.000000
Chunk 32: from 0x01f00000 to 0x01ffffff Entropy = 0.000000
In this case the first chunk has an entropy of 7.93 and the next 15 almost 7.99. This is because luksFormat fills the first 16 MB with random data.
These first 16 MB are reserved for the key slots that can decrypt the disk.
Only the first chunk contains some zero bytes, which is why its entropy is lower than that of the other 15.
With my program we can ask for 32-kilobyte chunks, that is, 32768 bytes
Code:
./chunkentropy encrypted_data.dat 32768 | more
Chunk 1: from 0x00008000 to 0x0000ffff Entropy = 0.617400
Chunk 2: from 0x00010000 to 0x00017fff Entropy = 7.994948
Chunk 3: from 0x00018000 to 0x0001ffff Entropy = 7.995090
Chunk 4: from 0x00020000 to 0x00027fff Entropy = 7.994745
Chunk 5: from 0x00028000 to 0x0002ffff Entropy = 7.994557
....
As we can see, only the first 32 KB chunk has an entropy of almost zero, and the remaining chunks have an entropy of 7.99 (this is random data).
Going back to the 1 MB chunks, we notice that chunks 17 to 32 still have zero entropy, since they currently hold the original /dev/zero filler.
We can see this with hexedit at offset 0x01000000
Code:
00FFFF74 10 CC B5 BE AF 99 D6 B6 18 09 B8 6A B5 E3 E4 E5 8F 44 6E E1 ...........j.....Dn.
00FFFF88 A4 F1 05 52 94 7B E7 28 B6 EA CC 2B 90 C7 64 2E FD 26 4F 5D ...R.{.(...+..d..&O]
00FFFF9C EB B4 EA DB 80 A8 B6 49 E7 4A 9D 46 2D 34 64 0C E0 8B 69 72 .......I.J.F-4d...ir
00FFFFB0 0E 71 E2 11 3A F9 FC C7 CC A1 F2 12 0A 44 D9 9A 20 87 EB C5 .q..:........D.. ...
00FFFFC4 56 96 04 DD 95 0F 5B BC 2E FE 80 08 89 55 63 65 17 0D A1 04 V.....[......Uce....
00FFFFD8 06 9B 19 A3 FC CA 68 0B 74 D8 B6 01 A9 D9 8E D4 74 A7 C9 DE ......h.t.......t...
00FFFFEC 98 AB F3 ED 47 E1 3C 55 AB B4 9D A5 F0 F5 B6 2E 07 A3 D8 A1 ....G.<U............
01000000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ....................
01000014 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ....................
01000028 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ....................
0100003C 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ....................
01000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ....................
01000064 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ....................
As we can see, from offset 0x01000000 onwards everything is zeros, just as we expected...
Now we will create the decrypted device and start looking at how the data looks as it gets encrypted
Code:
sudo cryptsetup open ./encrypted_data.dat encrypted_data
We check that our new device exists in /dev/mapper with
Code:
ls -lah /dev/mapper/encrypted_data
brw-rw---- 1 root disk 252, 0 Jul 10 17:36 /dev/mapper/encrypted_data
Code:
sudo ./chunkentropy /dev/mapper/encrypted_data 1048576
Chunk 1: from 0x00000000 to 0x000fffff Entropy = 7.999831
Chunk 2: from 0x00100000 to 0x001fffff Entropy = 7.999841
Chunk 3: from 0x00200000 to 0x002fffff Entropy = 7.999809
Chunk 4: from 0x00300000 to 0x003fffff Entropy = 7.999845
Chunk 5: from 0x00400000 to 0x004fffff Entropy = 7.999815
Chunk 6: from 0x00500000 to 0x005fffff Entropy = 7.999805
Chunk 7: from 0x00600000 to 0x006fffff Entropy = 7.999836
Chunk 8: from 0x00700000 to 0x007fffff Entropy = 7.999814
Chunk 9: from 0x00800000 to 0x008fffff Entropy = 7.999795
Chunk 10: from 0x00900000 to 0x009fffff Entropy = 7.999828
Chunk 11: from 0x00a00000 to 0x00afffff Entropy = 7.999858
Chunk 12: from 0x00b00000 to 0x00bfffff Entropy = 7.999816
Chunk 13: from 0x00c00000 to 0x00cfffff Entropy = 7.999820
Chunk 14: from 0x00d00000 to 0x00dfffff Entropy = 7.999835
Chunk 15: from 0x00e00000 to 0x00efffff Entropy = 7.999823
Chunk 16: from 0x00f00000 to 0x00ffffff Entropy = 7.999841
We are going to write a message, say "hola mundo", and look at how the encrypted data appears:
Code:
sudo hexedit /dev/mapper/encrypted_data
00000000 48 6F 6C 61 20 4D 75 6E 64 6F 20 20 20 20 20 20 20 20 20 20 Hola Mundo
00000014 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
00000028 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
0000003C 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
00000050 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
00000064 20 F4 0D 93 75 60 13 35 67 0B A5 60 32 2E 75 55 42 E9 8C 5D ...u`.5g..`2.uUB..]
00000078 46 7C 53 FF 09 2D 67 90 FB 94 47 8E D9 BA 11 11 BE 43 6B 7E F|S..-g...G......Ck~
0000008C 85 ED C6 78 F6 14 06 37 ED 3B 33 3B 77 EB 9F 14 09 2A 2A C8 ...x...7.;3;w....**.
000000A0 6D 5F 2B 6C E8 FD B3 03 71 78 C0 AE 7E 91 39 EF 5D D5 D7 DD m_+l....qx..~.9.]...
000000B4 AA A9 94 8D 7C 2D FB D0 99 AB 5C B4 B3 A7 F5 6B 7C 0E E3 B9 ....|-....\....k|...
000000C8 CE C0 13 BA 60 C4 A6 60 07 41 58 59 88 13 1C FD B0 F1 A3 DA ....`..`.AXY........
And now we look at the file encrypted_data.dat at offset 0x01000000
Code:
hexedit encrypted_data.dat
00FFFFB8 CC A1 F2 12 0A 44 D9 9A 20 87 EB C5 56 96 04 DD 95 0F 5B BC 2E FE 80 08 .....D.. ...V.....[.....
00FFFFD0 89 55 63 65 17 0D A1 04 06 9B 19 A3 FC CA 68 0B 74 D8 B6 01 A9 D9 8E D4 .Uce..........h.t.......
00FFFFE8 74 A7 C9 DE 98 AB F3 ED 47 E1 3C 55 AB B4 9D A5 F0 F5 B6 2E 07 A3 D8 A1 t.......G.<U............
01000000 82 41 F7 46 D5 65 24 81 13 B4 CF 11 26 62 22 27 11 5C 10 9A D9 12 63 69 .A.F.e$.....&b"'.\....ci
01000018 87 9E 0E D4 83 72 AB 62 C6 95 70 AE 49 19 73 A1 C2 05 4B 54 6E 22 AC 60 .....r.b..p.I.s...KTn".`
01000030 CA EE 1A 9E A4 1E 17 0D AB EE 02 8D 54 25 68 1E 35 A6 36 C2 0C 22 C7 5F ............T%h.5.6.."._
01000048 26 16 6D B3 CF A0 33 1E 80 6C EC 56 1F 2A 15 6E B9 80 A9 58 FD B0 09 E8 &.m...3..l.V.*.n...X....
01000060 2C 88 E0 0A A8 E8 FC 69 98 99 CF 87 29 A6 D0 8A 00 00 00 00 00 00 00 00 ,......i....)...........
01000078 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
01000090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........................
As we can see, from offset 0x01000000 of our file the data changes as we make our edits.
Here I have simplified things crudely and edited directly on the /dev/mapper/encrypted_data device; ideally you would put a filesystem on it to store files and mount it so it can be used like any other disk drive.
Note that anyone with access to the file encrypted_data.dat can easily determine how much we have written by looking at the amount of entropy starting at offset 01000000.
How do we avoid this? Easy: we need to overwrite the whole of /dev/mapper/encrypted_data before formatting it; we can overwrite everything with /dev/zero or with /dev/urandom.
My recommendation in this case is to do it with /dev/urandom; that way both encrypted_data.dat and /dev/mapper/encrypted_data start out at maximum entropy.
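The chunk listings earlier and the leak just described, as an added example that is not the author's chunkentropy program: it computes Shannon entropy per chunk and estimates how much of the payload area was written, first on a zero-filled container and then on one pre-filled with random data. The image is a constructed, scaled-down stand-in (4 KiB chunks instead of 1 MB, os.urandom in place of real ciphertext), and all names are assumptions.

```python
import math
import os
from collections import Counter


def shannon_entropy(chunk: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 for constant data, 8.0 at most."""
    if not chunk:
        return 0.0
    n = len(chunk)
    return -sum(c / n * math.log2(c / n) for c in Counter(chunk).values())


def chunk_entropies(data: bytes, chunk_size: int, start: int = 0):
    """Yield (first_offset, last_offset, entropy) for each chunk from start."""
    for off in range(start, len(data), chunk_size):
        chunk = data[off:off + chunk_size]
        yield off, off + len(chunk) - 1, shannon_entropy(chunk)


def written_extent(image: bytes, payload_offset: int, chunk_size: int,
                   threshold: float = 7.0) -> int:
    """Bytes from payload_offset to the end of the last high-entropy chunk.

    On a zero-filled container this approximates how much was written; on a
    pre-filled one it always returns the full payload size and reveals nothing.
    """
    end = payload_offset
    for _first, last, entropy in chunk_entropies(image, chunk_size, payload_offset):
        if entropy >= threshold:
            end = last + 1
    return end - payload_offset


# Constructed stand-in for encrypted_data.dat, scaled down to 32 chunks of 4 KiB.
CHUNK = 4096
PAYLOAD_OFFSET = 16 * CHUNK              # plays the role of offset 0x01000000
HEADER_AREA = os.urandom(16 * CHUNK)     # header/keyslot area, random after luksFormat
CIPHERTEXT = os.urandom(3 * CHUNK)       # stand-in for data written through the mapper
ZERO_FILL = bytes(13 * CHUNK)            # original /dev/zero filler, never touched


def build_image(prefilled: bool) -> bytes:
    """Container image; prefilled=True models the /dev/urandom overwrite."""
    filler = os.urandom(len(ZERO_FILL)) if prefilled else ZERO_FILL
    return HEADER_AREA + CIPHERTEXT + filler


if __name__ == "__main__":
    for prefilled in (False, True):
        image = build_image(prefilled)
        print(f"prefilled={prefilled}")
        for i, (first, last, h) in enumerate(chunk_entropies(image, CHUNK), 1):
            print(f"Chunk {i}: from 0x{first:08x} to 0x{last:08x} Entropy = {h:.6f}")
        print("apparent bytes written:",
              written_extent(image, PAYLOAD_OFFSET, CHUNK))
```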
We run the command
Code:
sudo dd if=/dev/urandom of=/dev/mapper/encrypted_data bs=1M
dd: error writing '/dev/mapper/encrypted_data': No space left on device
17+0 records in
16+0 records out
16777216 bytes (17 MB, 16 MiB) copied, 0.865302 s, 19.4 MB/s
What this does is that all the random data written into /dev/mapper/encrypted_data is written, in real time and in encrypted form, to encrypted_data.dat
And if we list the entropy of both encrypted_data.dat and /dev/mapper/encrypted_data
Code:
./chunkentropy encrypted_data.dat 1048576
Chunk 1: from 0x00000000 to 0x000fffff Entropy = 7.938425
Chunk 2: from 0x00100000 to 0x001fffff Entropy = 7.999824
Chunk 3: from 0x00200000 to 0x002fffff Entropy = 7.999804
Chunk 4: from 0x00300000 to 0x003fffff Entropy = 7.999826
Chunk 5: from 0x00400000 to 0x004fffff Entropy = 7.999821
Chunk 6: from 0x00500000 to 0x005fffff Entropy = 7.999819
Chunk 7: from 0x00600000 to 0x006fffff Entropy = 7.999830
Chunk 8: from 0x00700000 to 0x007fffff Entropy = 7.999810
Chunk 9: from 0x00800000 to 0x008fffff Entropy = 7.999794
Chunk 10: from 0x00900000 to 0x009fffff Entropy = 7.999838
Chunk 11: from 0x00a00000 to 0x00afffff Entropy = 7.999839
Chunk 12: from 0x00b00000 to 0x00bfffff Entropy = 7.999822
Chunk 13: from 0x00c00000 to 0x00cfffff Entropy = 7.999832
Chunk 14: from 0x00d00000 to 0x00dfffff Entropy = 7.999830
Chunk 15: from 0x00e00000 to 0x00efffff Entropy = 7.999827
Chunk 16: from 0x00f00000 to 0x00ffffff Entropy = 7.999808
Chunk 17: from 0x01000000 to 0x010fffff Entropy = 7.999823
Chunk 18: from 0x01100000 to 0x011fffff Entropy = 7.999829
Chunk 19: from 0x01200000 to 0x012fffff Entropy = 7.999812
Chunk 20: from 0x01300000 to 0x013fffff Entropy = 7.999814
Chunk 21: from 0x01400000 to 0x014fffff Entropy = 7.999862
Chunk 22: from 0x01500000 to 0x015fffff Entropy = 7.999817
Chunk 23: from 0x01600000 to 0x016fffff Entropy = 7.999814
Chunk 24: from 0x01700000 to 0x017fffff Entropy = 7.999812
Chunk 25: from 0x01800000 to 0x018fffff Entropy = 7.999853
Chunk 26: from 0x01900000 to 0x019fffff Entropy = 7.999826
Chunk 27: from 0x01a00000 to 0x01afffff Entropy = 7.999804
Chunk 28: from 0x01b00000 to 0x01bfffff Entropy = 7.999853
Chunk 29: from 0x01c00000 to 0x01cfffff Entropy = 7.999844
Chunk 30: from 0x01d00000 to 0x01dfffff Entropy = 7.999801
Chunk 31: from 0x01e00000 to 0x01efffff Entropy = 7.999829
Chunk 32: from 0x01f00000 to 0x01ffffff Entropy = 7.999852
Code:
sudo ./chunkentropy /dev/mapper/encrypted_data 1048576
Chunk 1: from 0x00000000 to 0x000fffff Entropy = 7.999837
Chunk 2: from 0x00100000 to 0x001fffff Entropy = 7.999840
Chunk 3: from 0x00200000 to 0x002fffff Entropy = 7.999861
Chunk 4: from 0x00300000 to 0x003fffff Entropy = 7.999813
Chunk 5: from 0x00400000 to 0x004fffff Entropy = 7.999821
Chunk 6: from 0x00500000 to 0x005fffff Entropy = 7.999822
Chunk 7: from 0x00600000 to 0x006fffff Entropy = 7.999829
Chunk 8: from 0x00700000 to 0x007fffff Entropy = 7.999800
Chunk 9: from 0x00800000 to 0x008fffff Entropy = 7.999811
Chunk 10: from 0x00900000 to 0x009fffff Entropy = 7.999836
Chunk 11: from 0x00a00000 to 0x00afffff Entropy = 7.999840
Chunk 12: from 0x00b00000 to 0x00bfffff Entropy = 7.999811
Chunk 13: from 0x00c00000 to 0x00cfffff Entropy = 7.999812
Chunk 14: from 0x00d00000 to 0x00dfffff Entropy = 7.999850
Chunk 15: from 0x00e00000 to 0x00efffff Entropy = 7.999827
Chunk 16: from 0x00f00000 to 0x00ffffff Entropy = 7.999832
We see that it now shows an entropy of almost 8 everywhere
So now that we have high entropy both on the /dev/mapper/encrypted_data device and in the file encrypted_data.dat
We can go ahead and format /dev/mapper/encrypted_data with a filesystem of our choice, for example ext3, ext4, vfat or whichever you prefer
Code:
sudo mkfs.ext3 /dev/mapper/encrypted_data
mke2fs 1.45.5 (07-Jan-2020)
Creating filesystem with 4096 4k blocks and 4096 inodes
Allocating group tables: done
Writing inode tables: done
Creating journal (1024 blocks): done
Writing superblocks and filesystem accounting information: done
Now with the device formatted, we create a mount point
Code:
sudo mkdir -p /mnt/encrypted
We mount it there
Code:
sudo mount -v /dev/mapper/encrypted_data /mnt/encrypted
And now we can store all our information fully encrypted on that drive
Code:
df -h /dev/mapper/encrypted_data
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/encrypted_data 12M 28K 11M 1% /mnt/encrypted
Remember to unmount your drive with
Code:
sudo umount /mnt/encrypted
And close the device with
Code:
sudo cryptsetup close encrypted_data
With this last command /dev/mapper/encrypted_data disappears, and all the changes we made should now be saved, encrypted, in our file encrypted_data.dat
Now all that remains is having a good excuse for keeping files full of "random" data
I will publish a post about that.