Tso tawm Cryptsetup 2.6 nrog kev txhawb nqa rau FileVault2 encryption mechanism

Ib txheej ntawm Cryptsetup 2.6 cov khoom siv hluav taws xob tau raug luam tawm, tsim los txhim kho encryption ntawm disk partitions hauv Linux siv dm-crypt module. Txhawb dm-crypt, LUKS, LUKS2, BITLK, voj-AES thiab TrueCrypt/VeraCrypt partitions. Nws kuj suav nrog veritysetup thiab integritysetup cov khoom siv rau kev teeb tsa cov ntaub ntawv kev ncaj ncees tswj raws li dm-verity thiab dm-kev ncaj ncees modules.

Kev txhim kho tseem ceeb:

• Ntxiv kev txhawb nqa rau cov khoom siv cia encrypted siv FileVault2 mechanism siv rau tag nrho-disk encryption hauv macOS. Cryptsetup ua ke nrog tus tsav hfsplus tam sim no tuaj yeem qhib USB drives encrypted nrog FileVault2 hauv kev nyeem-sau hom ntawm cov tshuab nrog lub Linux ntsiav li niaj zaus. Kev nkag mus rau drives nrog HFS + cov ntaub ntawv kaw lus thiab nrog Core Storage partitions tau txais kev txhawb nqa (kev faib nrog APFS tseem tsis tau txhawb nqa).
• Lub tsev qiv ntawv libcryptsetup tau tso tawm los ntawm kev kaw thoob ntiaj teb ntawm txhua lub cim xeeb los ntawm mlockall() hu, uas tau siv los tiv thaiv kev xau ntawm cov ntaub ntawv tsis pub lwm tus paub rau kev sib pauv muab faib. Vim tias dhau qhov txwv ntawm qhov loj tshaj plaws ntawm kev kaw lub cim xeeb thaum khiav yam tsis muaj cov cai hauv paus, cov ntawv tshiab siv cov kev xaiv xauv nkaus xwb rau cov chaw nco uas khaws cov yuam sij encryption.
• Qhov tseem ceeb ntawm cov txheej txheem ua cov cim tseem ceeb (PBKDF) tau nce.
• Ntxiv functionality ntxiv LUKS2 tokens thiab binary yuam sij rau LUKS keyslot, ntxiv rau yav dhau los cov lus txhawb nqa thiab cov ntaub ntawv tseem ceeb.
• Nws muaj peev xwm mus muab tau ib tug muab faib key siv ib tug passphrase, ib cov ntaub ntawv nrog ib tug yuam sij, los yog ib tug token.
• Ntxiv "--siv-tasklets" kev xaiv rau veritysetup los txhim kho kev ua tau zoo ntawm qee lub tshuab khiav Linux 6.x kernel.

Tau qhov twg los: opennet.ru