[dm-crypt] Quick dm-crypt questions

Cpp tzornik at gmail.com
Wed Oct 29 16:53:08 CET 2014


Arno Wagner: Can you recommend any decent books on the subject of
physical tampering resistance and secure cryptographic hardware
design?

Thanks.

On 10/29/14, Arno Wagner <arno at wagner.name> wrote:
> On Wed, Oct 29, 2014 at 11:33:24 CET, Ralf Ramsauer wrote:
>> On 29.10.2014 11:24, Cpp wrote:
>> > The thing is I planned to use a microcontroller to store an encryption
>> > key in its RAM, and I see the device uses SRAM, so this might be a
>> > problem?
>> > http://www.atmel.com/Images/Atmel-8271-8-bit-AVR-Microcontroller-ATmega48A-48PA-88A-88PA-168A-168PA-328-328P_datasheet_Summary.pdf
>>
>> Yes, comments :-)
>>
>> First of all: are you going to store the Masterkey or the Passphrase /
>> Keyfile which is used for key derivation?
>> If you're going to store the master key, you don't need Luks at all,
>> this would also be a solution for your detached-header problem.
>>
>> But....
>>
>> How do you want to realize the communication between the µC and you
>> Linux Box? Over Uart? (Uart communication can _easily_ be sniffed, so be
>> aware of that....)
>
> If an attacker has access on that level, they can probaly just do
> a memory-freeze attack or a fire-wire attack. Remember that
> disk encryption does not protect data while the system is running
> and has the data decrypted.
>
>> Also don't forget to deactivate the JTAG interface. Otherwise the µC
>> could get debugged... And don't forget to set the correct FUSE bits
>> (disallow reading / writing from / to flash / EPROM memory, ....)
>> And did you know, that CPU operations can be reconstructed by small
>> fluctuations in current[1]? How do you want to solve this issue?
>>
>> How does the key get to the µC?
>>
>> Aah, almost forgot to mention: you talked about to use a RNG on your AVR
>> to move the key around. RNG on AVR? From where do you get your entropy?
>> I don't know much about this project, but maybe this helps you [2].
>>
>> There are *so* many traps... Do you really think this is a good idea?
>
> I think this is mostly intended as a project to learn. As such
> it should do well. But do not expet this to be secure against a
> competent attacker.
>
> Arno
>
>> [1] http://en.wikipedia.org/wiki/Power_analysis
>> [2] http://www.das-labor.org/wiki/AVR-Crypto-Lib //
>> http://www.das-labor.org/wiki/AVR-Crypto-Lib#PRNGs
>>
>> Regards
>>   Ralf
>> _______________________________________________
>> dm-crypt mailing list
>> dm-crypt at saout.de
>> http://www.saout.de/mailman/listinfo/dm-crypt
>
> --
> Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno at wagner.name
> GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
> ----
> A good decision is based on knowledge and not on numbers. -- Plato
>
> If it's in the news, don't worry about it.  The very definition of
> "news" is "something that hardly ever happens." -- Bruce Schneier
> _______________________________________________
> dm-crypt mailing list
> dm-crypt at saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
>


More information about the dm-crypt mailing list