LUKS: Disk Encryption


If you are looking for the homepage for LUKS, you can find it here: https://gitlab.com/cryptsetup/cryptsetup/

We are not the creators or maintainers of LUKS. We simply got it working on Android a long, long time ago!


LUKS is the standard for Linux hard disk encryption. By providing a standard on-disk-format, it does not only facilitate compatibility among distributions, but also provides secure management of multiple user passwords. In contrast to existing solution, LUKS stores all setup necessary setup information in the partition header, enabling the user to transport or migrate his data seamlessly.

This project is the port of LUKS to Android. You can find more information on the current status here: https://github.com/guardianproject/luks/wiki

Design

LUKS was designed according to TKS1, a template design developed in TKS1 for secure key setup. LUKS closely reassembles the structure recommended in the TKS1 paper, but also adds meta data for cipher setup management and LUKS also supports for multiple keys/passphrases.

Why LUKS?

  • compatiblity via standardization,
  • secure against low entropy attacks,
  • support for multiple keys,
  • effective passphrase revocation,
  • free

The original LUKS CryptSetup project is here: https://code.google.com/p/cryptsetup/