[dm-crypt] The future of disk encryption with LUKS2
corsac at debian.org
Fri Feb 5 14:13:21 CET 2016
On ven., 2016-02-05 at 12:02 +0100, Arno Wagner wrote:
> > Think external drives / removable storage?
> An attacker with physical access that you do not notice has
> won. Storage encryption does not protect here. Think, for
> example, "evil maid" type attacks. Storage encryption
> is only for theft of the device (which you notice) or
> attacker access which you notice in other ways.
This is exactly why integrity matters? The point is to have an usb drive /
external disk *fully* encrypted. The decryption is done by the host (which is
trusted). In that case, confidentiality and integrity are both important.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 473 bytes
Desc: This is a digitally signed message part
More information about the dm-crypt