Can I encrypt the LUKS encrypted disk a second time with TrueCrypt

Yes you can double-encrypt the drive in the way you envisage, but it is not of much value at significant extra cost.

Linux uses a concept of block devices, and you you can have layered levels of encryption, each acting on the block above. Luks takes a block device, and provides another block device with the unencrypted data.

I've not (and see no reason to) use FDE on an encrypted drive, however multiple blocks are common - for example Software RAID (level 1) providing a DRBD block (level 2) for LVM (level 3) providing Encryption (level 4) is an entirely normal way of setting things up - and yes, depending on your exact goal, you can layer things in a different way.

davidgo

Posted 2018-05-06T18:07:54.813

Reputation: 49 152

Thank you for your answer

I understand, so double-encryption will not significantly improve the quality of security? I do not want to rely on one program only. So the same value will be encrypted twice, once by AES (LUKS) and the second time by Kuznyechik (VeraCrypt)? – asdS – 2018-05-07T13:56:07.700

Assuming Veracrypt used Kuzneychik encryption - whatever that is - yes. I think consensus is that the encryption behind AES is solid - attacks are more likely against the implementation. – davidgo – 2018-05-07T18:57:36.237

okay, thanks for your help

Kuznyechik is a Russian replacement AES algorithm. Developed in 2015 at the request of the Russian government :) – asdS – 2018-05-07T19:09:57.923

3Please note, you may also want to ask the question "Does it add security value to encrypt twice" on [security.se], because your question implies you may be surprised by the answer to that question... – SEJPM – 2018-05-06T18:20:21.813

@SEJPM Is there such a question now? You're implying you know what the answer is, what is it? – Xen2050 – 2018-05-11T05:12:08.330

Can I encrypt the LUKS encrypted disk a second time with TrueCrypt

Answers