[luau] Help needed with Loopback Encrypted Filesystems

Nicholas E. Walker new at gnu.org
Sun Sep 21 10:43:00 PDT 2003


On Sat, Sep 20, 2003 at 05:03:32PM -0500, MonMotha wrote:
[snip]
> Nope, root doesn't matter at all.  You *need* that crypto key.  If you lost 
> the key, there is no way to retrieve the data short of attacking the crypto 
> (and twofish is pretty damn strong).

Well, the only "good news" is that the twofish key is generated from a
much weaker password.  It would make the most sense to attack the
password (actually it would make the most sense to attack the person who
picked the password, but I'm guessing that's not an option).  It should
be very simple to write a script with sh/expect that would try to brute
force the password (by checking to see if the password produces a
plaintext with garbage or with a legitimate filesystem), and only
slightly more complex and faster to write a program that understands the
password-to-key algorithm and the encryption algorithm and can attack
the file directly.

MonMotha is right, though.  You're asking about breaking something that
was designed not to be broken.

Good luck.

Nicholas



More information about the LUAU mailing list