Linux disk encryption tool, Cryptsetup, has released a new version v2.3.0 with native read-write access to Windows BitLocker-compatible devices.
You can now access the BitLocker encrypted devices’ data in any Linux distro owing to the stable release of Cryptsetup 2.3.0 that supports the BitLocker format (BITLK format).
Encryption Tool for Windows and Linux
Windows system uses the BitLocker for a full drive and portable volume encryption. BitLocker utilizes the Trusted Platform Module (TPM) to store the keys generated using the AES encryption algorithm with a 128-bit or 256-bit key.
On the other hand, Linux distros allow the encryption of the whole storage media based on the Linux Unified Key Setup (LUKS) mechanism. Hence, Device data are protected using various encryption tools like Cryptsetup for the Linux system.
Cryptsetup is a block-level encryption utility tool based on the DMCrypt kernel module that supports kernel v2.6+.
Cryptsetup provides access for plain dm-crypt volumes, LUKS volumes, loop-AES, and TrueCrypt. However, you require a third-party tool to enable the BitLocker formats.
Cryptsetup 2.3 Enables BitLocker Compatible Device Access
The latest release v2.3.0 of Cryptsetup comes with BITLK device support. However, it is experimental and there are chances that you could get an error message.
Windows system leverages the TPM for data encryption but Cryptsetup does not support TPM or key protectors.
Therefore, Cryptsetup utilizes passphrases or keys to store the keys and hence it also supports BITLK format.
You can mount the devices and get access to your encrypted data using properly installed drivers such as NTFS or exFAT for decryption.
Till now, you can only read the metadata. You have no access to modify the metadata.
How to use Cryptsetup?
Cryptsetup is a command-line tool that you can use for manipulating the device data. You can use the following commands:
- To activate a BITLK device
cryptsetup open --type bitlk <device> <name> or cryptsetup bitlkOpen <device> <name>
- To print metadata information of BITLK device
cryptsetup bitlkDump <device>
- To print information on the active device
cryptsetup status <name>
For more detailed bug fixes and changes, read from here.