3

I have read a few tutorials on setting up an encrypted file system using cryptsetup. They all start with the following creation of a random file:

```
dd if=/dev/urandom of=/etc/cryptfile bs=1M count=10
```

This file would then be used to create a loopback device. The reason generally given for randomising the file is that the attacker won't be able to find which parts of the file have been written to and which parts are empty. My question is: since the loopback device is anyway going to be formatted when we write the file system on it, why would we care about randomizing it in the first place?

voretaq7
Amit S
  • I'm not sure, but I've always used `/dev/zero`, it's quicker, and if there's no reason to randomize it, I don't see why not. This might change depending on the answer to this question though.. – Azz Nov 22 '10 at 00:39

1 Answer

9

When you format a drive you don't erase any of the data that is on it. You only overwrite the part that keeps track of where files are (the filesystem). The only way to get rid of the data is to overwrite it. If you overwrite it with zeroes as Azz suggests, an attacker will know which parts are information and which parts are zeroes instantly. Random data looks just like encrypted data, however (all else being equal).

Chris S
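The difference the answer describes can be seen in a small simulation. This is an added example, not code from the original posts: it builds a constructed 1 MiB container in memory, and as assumptions uses SHAKE-256 output as a stand-in for the ciphertext an encrypted layer would write, a 4096-byte block size, and a made-up list of written blocks.

```python
import hashlib
import os

BLOCK = 4096   # analysis granularity (assumed; a common filesystem block size)
BLOCKS = 256   # 256 * 4096 bytes = 1 MiB constructed container

def keystream_block(key: bytes, index: int, size: int = BLOCK) -> bytes:
    """Stand-in for encrypted output (assumption): SHAKE-256 keyed by block index.
    This is not dm-crypt's cipher; it only yields ciphertext-like bytes."""
    return hashlib.shake_256(key + index.to_bytes(8, "big")).digest(size)

def make_container(fill: str) -> bytearray:
    """Contents of the backing file before first use: 'zero' or 'random'."""
    if fill == "zero":
        return bytearray(BLOCK * BLOCKS)           # like dd if=/dev/zero
    return bytearray(os.urandom(BLOCK * BLOCKS))   # like dd if=/dev/urandom

def write_encrypted(image: bytearray, used_blocks, key: bytes) -> None:
    """Simulate the encrypted layer writing ciphertext into some blocks only."""
    for i in used_blocks:
        image[i * BLOCK:(i + 1) * BLOCK] = keystream_block(key, i)

def looks_unused(block: bytes) -> bool:
    """The only test available without the key: is the block all zeroes?"""
    return block.count(0) == len(block)

def visible_used_blocks(image: bytes) -> list:
    """Block numbers that do not look empty to someone holding only the file."""
    return [i for i in range(len(image) // BLOCK)
            if not looks_unused(image[i * BLOCK:(i + 1) * BLOCK])]

def demo():
    key = os.urandom(32)
    used = [0, 1, 2, 17, 18, 100]   # constructed: blocks that were written
    results = {}
    for fill in ("zero", "random"):
        image = make_container(fill)
        write_encrypted(image, used, key)
        results[fill] = visible_used_blocks(bytes(image))
    return used, results

if __name__ == "__main__":
    used, results = demo()
    print("actually written:             ", used)
    print("zero-filled container reveals:", results["zero"])
    print("random-filled container: %d of %d blocks look used"
          % (len(results["random"]), BLOCKS))
```

With the zero-filled container the list of non-empty blocks is exactly the list of written blocks; with the random-filled one every block looks used, so the layout of the data is not visible from the file alone.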