mount with wrong passphrase

I have tested ecryptfs on Fedora 9 and I don't understand, why the
files of a crypted diretory are readable when the directory is mounted
with a wrong passphrase.

I did the following (lines which begin with user <at> host are input from a
user, with root <at> host are input from root, lines which > are output and
lines with # are comments):

user <at> host: mkdir /tmp/test

root <at> host: mount -t ecryptfs /tmp/test /tmp/test
>Select key type to use for newly created files: 
> 1) passphrase
> 2) openssl
>Selection: 
root <at> host: 1
> Passphrase:
root <at> host: test
> Verify Passphrase:
root <at> host: test
>Select cipher: 
> 1) aes: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
> 2) blowfish: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
> 3) des3_ede: blocksize = 8; min keysize = 24; max keysize = 24 (not loaded)
> 4) twofish: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
> 5) cast6: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
> 6) cast5: blocksize = 8; min keysize = 5; max keysize = 16 (not loaded)
>Selection [aes]: 
root <at> host: <return>
>Select key bytes: 
> 1) 16
> 2) 32
> 3) 24
>Selection [16]: 
root <at> host: <return>
>Enable plaintext passthrough (y/n): 
root <at> host: n
>Attempting to mount with the following options:
>  ecryptfs_key_bytes=16
>  ecryptfs_cipher=aes
>  ecryptfs_sig=d395309aaad4de06
>WARNING: Based on the contents of [/root/.ecryptfs/sig-cache.txt],
>it looks like you have never mounted with this key 
>before. This could mean that you have typed your 
>passphrase wrong.
>
>Would you like to proceed with the mount (yes/no)? 
root <at> host: yes
>Would you like to append sig [d395309aaad4de06] to
>[/root/.ecryptfs/sig-cache.txt] 
>in order to avoid this warning in the future (yes/no)? 
root <at> host: yes
>Successfully appended new sig to user sig cache file
>Mounted eCryptfs

user <at> host: echo Hello > /tmp/test/Test
user <at> host: cat /tmp/test/Test
> Hello

root <at> host: umount /tmp/test
# The file /tmp/test/Test is not readyble anymore
# (only crypted text).

root <at> host: mount -t ecryptfs /tmp/test /tmp/test
>Select key type to use for newly created files: 
> 1) passphrase
> 2) openssl
>Selection: 
root <at> host: 1
> Passphrase:
root <at> host: ZZZ
# The passphrase is wrong!
>Verify Passphrase: 
root <at> host: ZZZ
>Select cipher: 
> 1) aes: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
> 2) blowfish: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
> 3) des3_ede: blocksize = 8; min keysize = 24; max keysize = 24 (not loaded)
> 4) twofish: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
> 5) cast6: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
> 6) cast5: blocksize = 8; min keysize = 5; max keysize = 16 (not loaded)
>Selection [aes]: 
root <at> host: <return>
>Select key bytes: 
> 1) 16
> 2) 32
> 3) 24
>Selection [16]: 
root <at> host: <return>
> Enable plaintext passthrough (y/n): 
root <at> host: n
>Attempting to mount with the following options:
>  ecryptfs_key_bytes=16
>  ecryptfs_cipher=aes
>  ecryptfs_sig=59c481ccf04080d4
>WARNING: Based on the contents of [/root/.ecryptfs/sig-cache.txt],
>it looks like you have never mounted with this key 
>before. This could mean that you have typed your 
>passphrase wrong.
>
>Would you like to proceed with the mount (yes/no)? 
root <at> host: yes
>Would you like to append sig [59c481ccf04080d4] to
>[/root/.ecryptfs/sig-cache.txt] 
>in order to avoid this warning in the future (yes/no)? 
root <at> host: no
>Not adding sig to user sig cache file; continuing with mount.
>Mounted eCryptfs

user <at> host: cat /tmp/test/Test
> Hello

Why is the file /tmp/test/Test readable although root gave the wrong
passphrase?

Dietmar

-------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://sourceforge.net/services/buy/index.php