As I know, there is block cipher AES in dm-crypt.
When I looked into the documentation of zymkey, there is no block cipher AES.
Do you use the AES software implementation when using the dm-crypt?
How can you control the master key of AES?
I mean that, in normal dm-crypt (luks), the master key is generated from passphrase.
And the software block cipher AES is performed to encrypt all files in raspberry pi.
Is zymkey same?
Our scripts (mk_encr_sd_rfs.sh and mk_encr_ext_rfs.sh) will lock up a LUKS passphrase and then creates the encrypted volume using standard LUKS tools. We let the Raspberry Pi do the rest of the work in dm-crypt.
As you know, there is AES-256 encrypt/decrypt service in zymkey.
If I use the dm-crypt when encrypting the data in raspberry pi, is it used the AES-256 encrypt/decrypt dedicated in zymkey or is it used the dm-crypt library?
And,
is the main goal of zymkey securely stored the master key or passphrase used in dm-crypt?
If I use the dm-crypt when encrypting the data in raspberry pi, is it used the AES-256 encrypt/decrypt dedicated in zymkey or is it used the dm-crypt library?
dm-crypt
is the main goal of zymkey securely stored the master key or passphrase used in dm-crypt?
For the application of encrypted root file system, yes.
Of course, zymkey has many other uses as well: