
Technical Details: FreeOTFE Volumes and Keyfiles

A FreeOTFE volume (regardless of whether it's stored in a file or partition) consists of two things:

  1. A critical data block (CDB)
  2. An encrypted partition image

The CDB may either form part of the volume, in which case it is prepended to the encrypted partition image, or it may be stored as a separate file, in which case it is referred to as a "keyfile".

Users may create any number of keyfiles for any given volume. To create a new keyfile, the user must supply either:

  1. An existing keyfile, and its password, etc.
  2. A volume file which has a CDB

together with its password, salt length, etc. The keyfile or volume CDB supplied will then be read in, decrypted, and re-encrypted with a new password, salt length, etc. (all supplied by the user) before being written out as the new keyfile.
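
The keyfile-creation step described above, as an added example that is not FreeOTFE's own code. The blob layout (salt, ciphertext, HMAC tag), the PBKDF2/XOR toy cipher, salt lengths given in bytes, and the names `seal_cdb`, `open_cdb` and `new_keyfile` are assumptions made for illustration and are not the real CDB format.

```python
import hashlib
import hmac
import os

MAC_LEN = 32  # HMAC-SHA256 tag size (assumed layout, not FreeOTFE's CDB format)


def _derive(password: str, salt: bytes, n: int):
    """Derive n keystream bytes and a 32-byte MAC key from password and salt."""
    out = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 2048, n + 32)
    return out[:n], out[n:]


def seal_cdb(payload: bytes, password: str, salt_bytes: int) -> bytes:
    """Encrypt payload into a blob laid out as salt || ciphertext || tag."""
    salt = os.urandom(salt_bytes)
    stream, mac_key = _derive(password, salt, len(payload))
    ct = bytes(a ^ b for a, b in zip(payload, stream))  # toy cipher, illustration only
    return salt + ct + hmac.new(mac_key, ct, hashlib.sha256).digest()


def open_cdb(blob: bytes, password: str, salt_bytes: int) -> bytes:
    """Return the payload, or raise ValueError on a wrong password or salt length."""
    if len(blob) < salt_bytes + MAC_LEN:
        raise ValueError("blob too short for that salt length")
    # The salt length is not stored in the blob; the caller has to know it.
    salt, ct, tag = blob[:salt_bytes], blob[salt_bytes:-MAC_LEN], blob[-MAC_LEN:]
    stream, mac_key = _derive(password, salt, len(ct))
    if not hmac.compare_digest(tag, hmac.new(mac_key, ct, hashlib.sha256).digest()):
        raise ValueError("wrong password or salt length")
    return bytes(a ^ b for a, b in zip(ct, stream))


def new_keyfile(source, old_pw, old_salt_bytes, new_pw, new_salt_bytes) -> bytes:
    """Read in and decrypt an existing keyfile or volume CDB, then re-encrypt it."""
    return seal_cdb(open_cdb(source, old_pw, old_salt_bytes), new_pw, new_salt_bytes)


if __name__ == "__main__":
    contents = os.urandom(64)  # constructed stand-in for the decrypted CDB contents
    volume_cdb = seal_cdb(contents, "old password", 32)
    keyfile = new_keyfile(volume_cdb, "old password", 32, "new password", 16)
    print(open_cdb(keyfile, "new password", 16) == contents)
```

Because the source CDB or keyfile is only read, it still opens with its original password after the new keyfile has been written.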

A full definition of the contents of a CDB/keyfile is supplied in this documentation.

Notes: