Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Advisory Watch: March 27th, 2015
Linux Security Week: March 23rd, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By


2. Introduction

There are currently a few alternatives to using Cryptoloop. Loop-AES ( is probably the most well-known. It provides very similar functionality to Cryptoloop. Aes-loop is currently more mature than Cryptoloop and it is also faster (about twice as fast, according to the author of loop-AES), because it uses a highly optimized assembler implementation for AES. This doesn't mean that Cryptoloop is slow. I have not noticed any significant speed differences between a Cryptoloop-encrypted partition and a non-encrypted partition during everyday work with normal amounts of I/O. Unless I/O performance is extremely important to you, Cryptoloop should do just fine. Loop-AES offers some additional features that are not yet present in the kernel implementation of Cryptoloop. Loop-AES requires modified userspace tools (mount, losetup) and these modifications are incompatible with Cryptoloop. You will not be able to use Cryptoloop and Loop-AES at the same time.

In terms of security, Cryptoloop is doing ok. The key is usually generated from a password and its hash is used as the key to AES. This leads to the possibility of a known-plaintext attack. Loop-AES is superior in this regard, because it generates a random key and encrypts this key separately, making a known-plaintext attack more difficult. Loop-AES also supports a multi-key mode, where sectors are encrypted with 64 separate AES keys. In general, a brute-force attack on your password can be very effective, if you choose a weak password. To be on the safe side, your password should be at least 20 characters long. Otherwise a brute-force attack on the password will be much easier than trying to brute-force the AES encryption directly.

The Cryptoloop functionality in the standard kernel provides a stable and clean implementation without the need for extra patches. Since it is still fairly new, it may not have gotten the necessary amount of review in terms of security. You have to decide for yourself what is suitable for you.

IMPORTANT: Cryptoloop has been marked deprecated in the latest 2.6 kernel. This means that it will no longer be maintained actively. The successor to Cryptoloop will be dm-crypt. Dm-crypt is available in the main kernel since 2.6.4. Cryptoloop will still be available in the main kernel for a long time, but dm-crypt will be the method of choice for disk encryption in the future. Dm-crypt is based on the device mapper and offers pretty much the same functionality as Cryptoloop. It is still very new and there are no easy-to-use userspace tools available yet. Dm-crypt is considered to be much cleaner code than Cryptoloop, but there are some important differences. For example, creating an ecrypted filesystem within a file will still require to go through a loop device, but this support is still in development.

There are other tools which allow you to create an encrypted file system. BestCrypt is a commercial product from Jetico. It allows you to create encrypted containers and has a large choice of ciphers. It also offers some nifty features such as hidden containers. It is available for Windows and Linux, which makes it suitable for interchanging encrypted containers between Windows and Linux. BestCrypt now compiles on 2.6 kernels as well. Cryptoloop can also create containers that can be moved around, by creating the encrypted file system within a file as described below. I don't know of a way to access the Cryptoloop-encrypted files from other operating systems such as Windows. In this case, BestCrypt may be your only choice.

There are other commercial disk encryption tools such as PGP disk, but to my knowledge there is no Linux support for them.



Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
FBI Quietly Removes Recommendation To Encrypt Your Phone
And the prize for LEAST SECURE BROWSER goes to ... Chrome!
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.