[dm-crypt] The future of disk encryption with LUKS2

Zaolin zaolin at das-labor.org
Fri Feb 5 14:49:38 CET 2016


Hi,

> On Fri, Feb 05, 2016 at 14:13:21 CET, Yves-Alexis Perez wrote:
> > On ven., 2016-02-05 at 12:02 +0100, Arno Wagner wrote:
> > > > Think external drives / removable storage?
> > > 
> > > An attacker with physical access that you do not notice has 
> > > won. Storage encryption does not protect here. Think, for 
> > > example, "evil maid" type attacks. Storage encryption
> > > is only for theft of the device (which you notice) or 
> > > attacker access which you notice in other ways.
> > 
> > This is exactly why integrity matters? The point is to have an usb
> > drive /
> > external disk *fully* encrypted.  The decryption is done by the
> > host
> > (which is trusted).  In that case, confidentiality and integrity
> > are both
> > important.
> 
> No. You are trying to solve the wrong problem. First, disk 
> encryption with 1:1 mapping will never give you integrity 
> protection and the other variants kill performance.
I partially agree. What's about using GCM or CCM mode of operation for
disk encryption ? ;) In order to solve the evil maid issue you need
hardware security and a secure boot process.
> 
> And second, who says anything abot the "evil maid" changing
> things in the encrypted container?
That's correct.
> 
> Seriosuly, what you want you do not do with disk encryption, 
> but with PGP/GnuPG on file-level.
> 
> Regards,
> Arno 

Regards Zaolin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: <http://www.saout.de/pipermail/dm-crypt/attachments/20160205/6192257c/attachment.asc>


More information about the dm-crypt mailing list