LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Programming (https://www.linuxquestions.org/questions/programming-9/)
-   -   Can we decrypt a file system using older version of EncFS (https://www.linuxquestions.org/questions/programming-9/can-we-decrypt-a-file-system-using-older-version-of-encfs-4175731151/)

zpekter 11-23-2023 11:17 AM
Can we decrypt a file system using older version of EncFS
 
Hi All,

Can we decrypt a file system using an older version of encfs than that was encrypted?

I have a specific scenario where the encryption was done by using the encfs 1.9.5 version and the decryption needs to be done by using encfs version 1.7.4.

Does this scenario work?

Details:

Encrypted directory info from EcFS 1.9.5

Quote:
Version 6 configuration; created by EncFS 1.9.5 (revision 20100713)
Filesystem cipher: "ssl/aes", version 3:0:0 (using 3:0:2)
Filename encoding: "nameio/block", version 4:0:0 (using 4:0:2)
Key Size: 256 bits
Using PBKDF2, with 243692 iterations
Salt Size: 160 bits
Block Size: 4096 bytes, including 16 byte MAC header
Filenames encoded using IV chaining mode.
File holes passed through to ciphertext.
Encrypted directory info from EcFS 1.7.4

Quote:
Version 6 configuration; created by EncFS 1.7.4 (revision 20100713)
Filesystem cipher: "ssl/aes", version 3:0:0 (using 3:0:2)
Filename encoding: "nameio/block", version 3:0:0 (using 3:0:1)
Key Size: 256 bits
Using PBKDF2, with 117782 iterations
Salt Size: 160 bits
Block Size: 4096 bytes, including 16 byte MAC header
Filenames encoded using IV chaining mode.
File holes passed through to ciphertext.
Please share your thoughts.
Thanks

NevemTeve 11-23-2023 01:10 PM
What did you try and what was the result?

zpekter 11-23-2023 08:37 PM
Quote:
Originally Posted by NevemTeve (Post 6466311)
What did you try and what was the result?
I've created a volume using 1.9.5
Code:
/usr/local/bin/encfs.195 -S --public /root/encfs/new/encrypted /root/encfs/new/decrypted

df -h
Filesystem                        Size  Used Avail Use% Mounted on
devtmpfs                          3.8G    0  3.8G  0% /dev
tmpfs                            3.8G  320K  3.8G  1% /dev/shm
tmpfs                            3.8G  8.7M  3.8G  1% /run
/dev/mapper/vgroup1-root          9.6G  8.0G  1.2G  88% /
/dev/sda1                        240M  199M  29M  88% /boot
tmpfs                            777M    0  777M  0% /run/user/0
encfs.195                        9.6G  8.0G  1.2G  88% /root/encfs/new/decrypted
Then when I tried to mount the same volume using a different version, 1.7.4, it's giving me the below error message.
Code:
/usr/bin/encfs.174 -S --public /root/encfs/new/encrypted /root/encfs/new/decrypted
02:05:13 (FileUtils.cpp:416) Archive exception: XML start/end tag mismatch - uniqueIV
02:05:13 (FileUtils.cpp:365) Found config file /root/encfs/new/encrypted/.encfs6.xml, but failed to load
Creating new encrypted volume.
Please choose from one of the following options:
 enter "x" for expert configuration mode,
 enter "p" for pre-configured paranoia mode,
 anything else, or an empty line will select standard mode.
?>

NevemTeve 11-23-2023 09:38 PM
This suggests incompatibilty, though the error message about the xml-file sounds in-plausible. Use xmllint two validate the file, or compare files created with different versions of the program.

syg00 11-23-2023 10:28 PM
Did you unmount it before the second attempt ?.

zpekter 11-24-2023 12:17 AM
Quote:
Originally Posted by NevemTeve (Post 6466390)
This suggests incompatibilty, though the error message about the xml-file sounds in-plausible. Use xmllint two validate the file, or compare files created with different versions of the program.
There are no issues with the XML file or formatting. However, the error message says that the format is not valid. I'm suspecting the below difference is causing this issue.
1.9.5
Code:
Key Size: 256 bits
Using PBKDF2, with 243692 iterations
1.7.4
Code:
Key Size: 256 bits
Using PBKDF2, with 117782 iterations

zpekter 11-24-2023 12:18 AM
Quote:
Originally Posted by syg00 (Post 6466397)
Did you unmount it before the second attempt ?.
Yes, I did unmount it. And I do have the backup of the data, however, I need to figure out a way to make it work.

NevemTeve 11-24-2023 08:15 AM
I reproduced the problem:
Code:
# encfs.174 -S --public /root/encfs_test/encr_01/ /root/encfs_test/mount_01/
15:10:47 (FileUtils.cpp:411) Archive exception: XML start/end tag mismatch - uniqueIV
15:10:47 (FileUtils.cpp:360) Found config file /root/encfs_test/encr_01/.encfs6.xml, but failed to load
Mind you, the start/end tags are valid in the XML:
Code:
# xmllint -noout encr_01/.encfs6.xml
<no error message>
# grep uniqueIV encr_01/.encfs6.xml
        <uniqueIV>1</uniqueIV>

NevemTeve 11-24-2023 08:39 AM
It might work, if creation time you use 'expert' mode, and select a file-name-encoding algorithm compatible with the older version (e.g. 4:Stream); also you have to remove this line from the .xml fájl:
Code:
<plainData>0</plainData>
Of course all of this is plain wrong, you should create the encrypter filesystem with the old version of encfs.

zpekter 11-24-2023 02:34 PM
Quote:
Originally Posted by NevemTeve (Post 6466477)
It might work, if creation time you use 'expert' mode, and select a file-name-encoding algorithm compatible with the older version (e.g. 4:Stream); also you have to remove this line from the .xml fájl:
Code:
<plainData>0</plainData>
Of course all of this is plain wrong, you should create the encrypter filesystem with the old version of encfs.

Thank you for this suggestion.
It seems this will solve the issue for the time being so I'm planning to use this method to make things work.


All times are GMT -5. The time now is 04:48 PM.