Librem 5 LUKS Status


#1

Hello!

While I am patiently waiting for my Evergreen phone I was wondering if there was any status on LUKS in regards to the Librem 5.

Recently people where able to figure out how to get LUKS working on the arm64 PineBook Pro under Manjaro and under Debian (abit slowly).

The FAQ say that LUKS on the Librem 5 “is in progress” but I am wondering if there are any updates on this?

With the quantity of sensitive data that a phone might posses I think disk encryption is quite impotent.


#2

I’m really interested in this too.


#3

Related topics:
Community diskussion and links / no official post:


Explanation how storage of secrets might work by Kyle and dcz:


#4

I assume you mean LUKS for the / partition, as you could already mount an external LUKS partition on a microSD card like on any PureOS system.

LUKS for / is being worked on and is a priority. Most of the work comes down to solving how to allow the user to enter their PIN/passphrase at boot using the touchscreen before / is mounted. I would consider that “phase one” and for “phase two” I’d like us to be able to use the OpenPGP smart card and its PIN to unlock LUKS like we (optionally) can enable on the Librem laptops.


#5

Sounds good!

Two things I wonder though; does the L5 at present have enough overhead to process full disk/partition encryption, in addition to normal use? Rather, will it be a stress to the system and reduce battery life, responsiveness, etc.?

Also, could the Librem Key be used for unlocking? I don’t suppose it couldn’t, but perhaps there’s a path to a nice integration here. I realize the form-factor of the Key might not be ideal to start.
Thanks.


#6

Disk encryption overhead is pretty minimal on modern processors and indeed most smartphones offer it so I wouldn’t worry about LUKS on a Librem 5. WIth respect to the Librem Key being used for unlocking, yes, it would be possible via the same mechanism that we’d use to unlocked with the integrated OpenPGP smart card reader.


Full-disk encryption performance in Librem 5
#7

Okay, cool.
I’ve never used an OpenPGP smart card before. Searching for them shows me 3.5 x 2" cards, plus others which appear to be the size a SIM card. What’s the form factor I should be looking for?
Thanks.