[dm-crypt] nuke password to delete luks header
ms at citd.de
Thu Jan 16 22:36:19 CET 2014
On 16.01.2014 15:11, Iggy wrote:
> PS: An interesting, but only marginally helpful, byproduct of such a
> feature is that on the off-chance that an adversary were attempting to
> brute-force the password on their only copy of a volume (this is the
> unlikely bit), and the nuke password had less entropy than the
> decryption passphrase, then there is a chance the adversary themselves
> would remove access to the data, without intervention from the target of
> the attack, by accidentally brute-forcing the nuke password.
You wouldn't brute force using the actual system, much too slow.
You make a copy and brute force the data with something that allows as
much key/s as possible. Which means you can't use the actual system.
That also means the system that is actually used to do the brute-forcing
won't implement the "nuke" capability (Assuming at least some competence
on the attacker side) but may include code determine that it is a nuke
key, because there has to be a way to identify that status at least
after you found the correct passwort. Otherwise the feature would simply
be impossible to implement.
More information about the dm-crypt