[dm-crypt] LUKS disk encryption with remote boot authentication

Cpp tzornik at gmail.com
Sun Oct 19 22:59:21 CEST 2014


On 10/19/14, Arno Wagner <arno at wagner.name> wrote:
> Actually, it has a pretty good chance of working well. Once.
> And if it is not too obvious and nowhere documented that the
> attacker can get at beforehand.

So basically if a device like this is meant to be used and distributed
widely, one security requirement would be that each and every device
uses a custom anti-tampering circuitry setup so that no two setups are
identical. After one device has been compromised, a new custom setup
has to be made, possibly at a new location.


More information about the dm-crypt mailing list