Linux Unified Key Setup

From Wikipedia, the free encyclopedia
Jump to: navigation, search

In computing, the Linux Unified Key Setup or LUKS is a disk-encryption specification created by Clemens Fruhwirth and originally intended for Linux.

While most disk encryption software implements different and incompatible, undocumented formats, LUKS specifies a platform-independent standard on-disk format for use in various tools. This not only facilitates compatibility and interoperability amongst different programs, but also assures that they all implement password management in a secure and documented manner.[1]

The reference implementation for LUKS operates on Linux and is based on an enhanced version of cryptsetup, using dm-crypt as the disk encryption backend. Under Microsoft Windows, LUKS-encrypted disks can be used with FreeOTFE.

The design of LUKS aimed to conform to the TKS1 secure key setup scheme.[2]

On September 2013, Phoronix published a benchmark comparing performance between LUKS and eCryptfs. They used Ubuntu 13.10 (latest available at that time) and they obtained better results encrypting the whole disk using LUKS than encrypting just the user home using eCryptfs.[3]

See also[edit]

References[edit]

  1. ^ Fruhwirth, Clemens (December 8, 2008). "LUKS On-Disk Format Specification Version 1.1.1". Retrieved 9 December 2010. 
  2. ^ Clemens Fruhwirth (2004-07-15). "TKS1 – An anti-forensic, two level, and iterated key setup scheme" (PDF). draft. Retrieved 2006-12-12. 
  3. ^ Michael Larabel (December 2, 2013). "Ubuntu 13.10 Linux Disk Encryption Performance". Phoronix. Retrieved December 3, 2013. 

External links[edit]