[dm-crypt] LUKS self-destruct key

Chris Drake Tech at CryptoPhoto.com
Mon Mar 31 09:03:05 CEST 2014


Hi Andrew,

Codewise - easy.

Point-wise - I cannot see.

From your adversary's point of view, all they see is you giving them
bogus passwords that don't work.  You may as well just keep giving
them bogus passwords.

The only difference is that when they point a gun at your head, with
your idea, you're 100% certain you're going to die.

Kind Regards,
Chris Drake


Monday, March 31, 2014, 3:17:30 PM, you wrote:

A> Greetings dm-crypt folks,

A> Is it feasable to add a self-destruct password to cryptsetup for
A> LUKS, such that when this password is entered, the decryption code
A> silently and deliberately overwrites all or part of the master key?

A> If you are facing an unjust order to produce a working key, having
A> the option to produce a self-destruct key would be helpful in some
A> circumstances.  There are a number of ham-fisted regimes and
A> illegal groups that do not know the difference between decrypting
A> data and running untrusted code.  Destroying the master key would
A> look to these like a simple failed attempt at decryption, and
A> ensure the permanenty destruction of the data that they are seeking.

A>  + Give us your key
A>  - I don't remember it
A>  + Give Us Your Key
A>  - I really don't remember it
A>  + GIVE US YOUR KEY
A>  - I think it's "INITIATE-SELF-DESTRUCT-SEQUENCE" but I'm not sure
A>  + That didn't work
A>  - I told you I don't remember


A> In pseudocode, the decryption would become something like this
A> (based on my probably faulty understanding of LUKS):

A>     evaluate_password_for_slot(slot) {
A>         slot_plaintext=decrypt(slot_ciphertext, password);
A>         /* initiate self_destruct */
A>         if
A> memcmp(slot_plaintext,SELF_DESTRUCT_PLAINTEXT,sizeof(SELF_DESTRUCT_PLAINTEXT))==0)
A>                 wipe_master_key();
A>                 wipe_key_slots();
A>         }
A>         /* self_destruct complete */
A>         master_key = decrypt(master_ciphertext, slot_key);
A>         if this_is_a_valid_master_key(master_key) { return E_SUCCESS; }
A>         return E_FAIL;
A>     }

A> Code changes would include:
A>         Not considering a self-destruct key as a valid remaining key in luksKillSlot
A>         Front-end code to create a slot as a self-destruct key
A>         Back-end code to destroy the master key
A>         s/SELF_DESTRUCT/ESCROW/g  /* :) */

A> _______________________________________________
A> dm-crypt mailing list
A> dm-crypt at saout.de
A> http://www.saout.de/mailman/listinfo/dm-crypt





More information about the dm-crypt mailing list