WHERE DOES THE ENCRYPTED PAYLOAD START?
The payload starts after <extents count> blocks of <header extent size> bytes. Here, this is 2 times 4096 (0x1000) bytes, i.e. the encrypted data begins at offset 8192 (0x2000). We also know that the file will be only 18 bytes (<unencrypted file size>) once decrypted. Because eCryptfs uses block cryptography, the decrypted size can be smaller than the size of the encrypted data section, which is padded to whole blocks.
HOW TO GET THE SESSION KEY?
The cryptographic material is contained in the variable-sized <authentication token packet set> chunk, starting at offset 26 in the header extent. Each packet in this set starts with a type byte, followed by one or more size byte(s), and finally some payload bytes, as defined in section 4.3 of RFC2440.
The current firmware for the 1669 Picolo.net HD1 only supports passphrases to authenticate users of the encrypted storage, meaning that the only two packets expected in the set are:
• Symmetric-key encrypted session key (packet tag 3), as defined in section 5.3 of the RFC
• eCryptfs key signature (packet type 0x2d), following the generic "literal data" structure (packet tag 11) as described in section 5.9 of the RFC.
The key signature uniquely identifies the master key used to encrypt the session key contained in the tag-3 packet. eCryptfs uses it to look up the corresponding key in its internal keyring.
According to §5.3 of the RFC:
• If the encrypted session key is present, the result of applying the S2K [string to key] algorithm to the passphrase is used to decrypt just that encrypted session key field, using CFB mode with an IV [initialization vector] of all zeros.
• The decryption result consists of a one-octet algorithm identifier that specifies the symmetric-key encryption algorithm used to encrypt the following Symmetrically Encrypted Data Packet, followed by the session key octets themselves.
On the sample encrypted file, we can tell from the "string to key" specifier that we will have to use the "iterated and salted" algorithm (specifier #3, described in section 3.6.1.3 of the RFC) with the MD5 hash algorithm (identifier #1), and that 65536 bytes should be hashed: the coded count 0x60 expands, per the RFC, to (16 + (0x60 & 15)) << ((0x60 >> 4) + 6) = 16 << 12 = 65536. The salt bytes of the specifier are prepended to the passphrase and the concatenation is fed to the hash repeatedly until that many bytes have been hashed.
This gives us the 128-bit "master key" (one MD5 digest) required to decrypt the session key as indicated above.
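The two sections above describe one procedure: locate the payload from the header fields, walk the packet set at offset 26, and turn the tag-3 S2K specifier into the master key. The following Python is an added example that is not code from the Picolo.net handbook, from the Euresys firmware or from the eCryptfs project. The fixed-field offsets (file size at 0, version at 16, header extent size at 20, extents count at 24) follow the eCryptfs on-disk header layout documented with the Linux kernel and are an assumption beyond what this page states; the packet length encoding is taken as the new-format body length of RFC 2440 §4.2.2; the "_CONSOLE" literal filename, the cipher code 0x07, the marker bytes, the salt, the passphrase and the key signature in the sample header are all constructed for the demo. Only the standard library is used, so the example stops at the derived master key and does not perform the CFB decryption of the session key field.

```python
"""Walk an eCryptfs header extent and its RFC 2440 packet set (added example)."""
import hashlib
from dataclasses import dataclass
from typing import Optional, Tuple

PACKET_SET_OFFSET = 26   # octet where the authentication token packet set starts
TAG3_TYPE = 0x8C         # symmetric-key encrypted session key (old-format tag 3)
TAG11_TYPE = 0x2D        # eCryptfs key signature, literal-data layout (tag 11)
S2K_HASHES = {1: "md5", 2: "sha1", 8: "sha256"}   # RFC 2440 s9.4 hash identifiers


def packet_tag(type_byte: int) -> int:
    """Old-format packet tag lives in bits 2..5 of the type octet (0x8C -> 3, 0x2D -> 11)."""
    return (type_byte >> 2) & 0x0F


def read_packet_length(buf: bytes, pos: int) -> Tuple[int, int]:
    """Decode a new-format body length (RFC 2440 s4.2.2); return (length, body_pos)."""
    b0 = buf[pos]
    if b0 < 192:
        return b0, pos + 1
    if b0 < 224:
        return ((b0 - 192) << 8) + buf[pos + 1] + 192, pos + 2
    if b0 == 255:
        return int.from_bytes(buf[pos + 1:pos + 5], "big"), pos + 5
    raise ValueError("partial body lengths are not expected in an eCryptfs header")


def s2k_count(coded: int) -> int:
    """Expand the one-octet coded count (RFC 2440 s3.6.1.3): 0x60 -> 65536."""
    return (16 + (coded & 0x0F)) << ((coded >> 4) + 6)


def s2k_iterated_salted(passphrase: bytes, salt: bytes, coded: int, hash_name: str) -> bytes:
    """Feed (salt || passphrase) to the hash repeatedly until `count` octets went in."""
    data = salt + passphrase
    count = max(s2k_count(coded), len(data))   # RFC: never hash less than one full copy
    h = hashlib.new(hash_name)
    full, rem = divmod(count, len(data))
    for _ in range(full):
        h.update(data)
    h.update(data[:rem])
    return h.digest()


@dataclass
class Tag3:
    cipher_code: int
    s2k_specifier: int
    hash_id: int
    salt: bytes
    coded_count: int
    encrypted_session_key: bytes   # still encrypted; CFB decryption is not done here


@dataclass
class HeaderInfo:
    file_size: int        # <unencrypted file size>
    extent_size: int      # <header extent size>
    extents_count: int    # <extents count>
    tag3: Optional[Tag3] = None
    key_signature: bytes = b""

    @property
    def payload_offset(self) -> int:
        """First byte of the encrypted data: extents_count * extent_size."""
        return self.extents_count * self.extent_size


def parse_header(hdr: bytes) -> HeaderInfo:
    """Parse the fixed fields and the packet set of one eCryptfs header extent."""
    if hdr[16] != 0x03:   # header version octet (assumed layout)
        raise ValueError(f"unexpected eCryptfs header version {hdr[16]:#x}")
    info = HeaderInfo(file_size=int.from_bytes(hdr[0:8], "big"),
                      extent_size=int.from_bytes(hdr[20:24], "big"),
                      extents_count=int.from_bytes(hdr[24:26], "big"))
    pos = PACKET_SET_OFFSET
    while pos < len(hdr) and hdr[pos] != 0:       # the set is zero padded to the extent
        ptype = hdr[pos]
        length, body = read_packet_length(hdr, pos + 1)
        end = body + length
        if ptype == TAG3_TYPE and packet_tag(ptype) == 3:
            # version(1) cipher(1) s2k-type(1) hash(1) salt(8) count(1) encrypted key
            if hdr[body] != 0x04 or hdr[body + 2] != 0x03:
                raise ValueError("tag 3: expected version 4 with iterated+salted S2K")
            info.tag3 = Tag3(hdr[body + 1], hdr[body + 2], hdr[body + 3],
                             hdr[body + 4:body + 12], hdr[body + 12], hdr[body + 13:end])
        elif ptype == TAG11_TYPE and packet_tag(ptype) == 11:
            # literal data: format(1) name-length(1) name date(4) then the signature
            name_len = hdr[body + 1]
            info.key_signature = hdr[body + 2 + name_len + 4:end]
        else:
            raise ValueError(f"unexpected packet type {ptype:#x} at offset {pos}")
        pos = end
    return info


def derive_master_key(tag3: Tag3, passphrase: bytes) -> bytes:
    """Apply the S2K specifier carried in the tag 3 packet to the user passphrase."""
    if tag3.s2k_specifier != 0x03:
        raise ValueError("only iterated and salted S2K is handled here")
    return s2k_iterated_salted(passphrase, tag3.salt, tag3.coded_count, S2K_HASHES[tag3.hash_id])


def build_sample_header() -> bytes:
    """Constructed header extent mirroring the page's values (not a real capture)."""
    salt = bytes.fromhex("0102030405060708")                   # constructed
    enc_key = bytes(range(0x10, 0x20))                         # constructed ciphertext
    tag3_body = b"\x04\x07\x03\x01" + salt + b"\x60" + enc_key  # cipher code 0x07 assumed
    tag11_body = b"\x62\x08_CONSOLE" + b"\x00" * 4 + bytes.fromhex("a1b2c3d4e5f60718")
    packets = (bytes([TAG3_TYPE, len(tag3_body)]) + tag3_body
               + bytes([TAG11_TYPE, len(tag11_body)]) + tag11_body)
    fixed = ((18).to_bytes(8, "big") + bytes.fromhex("0011223344556677")  # size, marker
             + b"\x03\x00\x00\x00"                                        # version, reserved, flags
             + (4096).to_bytes(4, "big") + (2).to_bytes(2, "big"))        # extent size, count
    return (fixed + packets).ljust(4096, b"\x00")


if __name__ == "__main__":
    info = parse_header(build_sample_header())
    print("payload at", info.payload_offset, "signature", info.key_signature.hex())
    print("master key", derive_master_key(info.tag3, b"picolo").hex())
```

The 16-byte digest returned by derive_master_key is the key for the next step of the text (decrypting the encrypted session key field in CFB mode with a zero IV), which needs a block cipher implementation and is therefore left out of this standard-library-only example. On a real header extent, pass the first 4096 bytes of the encrypted file to parse_header and check that payload_offset matches the position where the zero padding ends and the ciphertext begins.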
Picolo.net Handbook, Application Notes