Linux Unified Key Setup

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

The Linux Unified Key Setup (LUKS) is a disk encryption specification created by Clemens Fruhwirth in 2004 and was originally intended for Linux.

While most disk encryption software implements different, incompatible, and undocumented formats[citation needed], LUKS implements a platform-independent standard on-disk format for use in various tools. This not only facilitates compatibility and interoperability among different programs, but also assures that they all implement password management in a secure and documented manner.[1]

The reference implementation for LUKS operates on Linux and is based on an enhanced version of cryptsetup, using dm-crypt as the disk encryption backend. Under Microsoft Windows, LUKS-encrypted disks can be used with the now defunct FreeOTFE (formerly DoxBox, LibreCrypt).

LUKS is designed to conform to the TKS1 secure key setup scheme.[2]

See also[edit]


  1. ^ Fruhwirth, Clemens (2018-01-20). "LUKS On-Disk Format Specification Version 1.2.3" (PDF). Retrieved 2021-09-23.
  2. ^ Fruhwirth, Clemens (2004-07-15). "TKS1 – An anti-forensic, two level, and iterated key setup scheme" (PDF). Draft. Retrieved 2021-09-23.

External links[edit]