Home | Content | Search | Navigation | Indexes
 

Mailinglist Archive: opensuse-security (35 mails)

< Previous Next >
Re: [opensuse-security] LUKS and its master key
  • From: Jochen+opensuse-security@xxxxxxxxxx
  • Date: Wed, 12 Dec 2007 12:40:42 +0100
  • Message-id: <m3prxc9m4l.fsf@xxxxxxxxxxxxxxxxxxxxxxx>
"RR" == Ralf Ronneburger writes:

RR> Michel Messerschmidt wrote:

>> For example, encrypted filesystems are almost always useful to prevent
>> data leakage from abandoned hardware (think of all the harddisks sold
>> on ebay).
>> Also any file encrypted by a user improves the security by reducing the
>> time the data is accessible and subject to attacks.
>>
RR> For harddisk encryption on servers this is senseless.

Well, IMHO that view sounds a little over-simplifying to me.


Pls imagine this scenario:

Somebodys steals your disks for searching them.
E.g. the taxman ;-)

Of course, as soon as the partitions in question are luksClose'd or simply
unplugged or whatever,
my disk are apparently just unreadable to the thief.

But if the thief listens *here*
and he knows, I am using luks,
and if he proceeds a little more clever therefore,
and he finds a way to look at my luksOpen'ed partitions,
apparently with luks he is able to read out my plain keys from the luks
partition.

I regard this a sort of backdoor (rather a giant gate than a tiny little
backdoor)
not a traditional one, but still a way to conquer my data.

The way I currently mount my encrypted external disk through a loop device on a
twofish256/sha512'ed partition
(i.e. on a non-luksified system),
I have been sure so far,
that my key is not stored in a way similar to how luks does it.

RR> The disk is always online
RR> (therefore not protected)

Well, ..., alright, as long as the disk is online,
there may be a way to gain access to it even to dis-allowed users.

But this illegal access should not easily enable the thief,
to read out keys for later usage "at home", the taxman's computer lab, or
wherever.

RR> and before you sell it on ebay

Well, in the scenario described above I got robbed "asynchronously" (that is
the nature of robbing),
so I did not have the opportunity of doing so:

RR> you can always use some tool
RR> to overwrite it with random data.
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-security+help@xxxxxxxxxxxx

< Previous Next >
This Thread
  • No further messages