[dm-crypt] LUKS header recovery attempt, bruteforce detection of AF-keyslot bit errors

Robert Nichols rnicholsNOSPAM at comcast.net
Tue Apr 25 16:37:19 CEST 2017


On 04/25/2017 08:44 AM, Dominic Raferd wrote:
>
>
> On 25 April 2017 at 14:14, Robert Nichols <rnicholsNOSPAM at comcast.net> wrote:
>
>     On 04/24/2017 06:49 PM, protagonist wrote:
>
>         However, I assume it is likely that a determined attacker running as
>         root might be able to extract the master key from RAM if the encrypted
>         volume in question is still open at the time of attack, so technically,
>         there would be a way to do this without the password.
>
>
>     It's trivial. Just run "dmsetup table --showkeys" on the device.
>
>
> Wowzer. 'cryptsetup luksDump <device> --dump-master-key' can also provide this info but it requires a passphrase, which 'dmsetup table --showkeys' does not. So must we assume that anyone who has ever had root access while the encrypted device is mounted can thereafter break through the encryption regardless of passphrases? At least until cryptsetup-reencrypt is run on the device, which is a big step.

It's in the FAQ, section 6.10, so not really a great revelation.

BTW, it's "--showkey", not "--showkeys". Minor typo there, sorry.

Also, anyone who has had access to the device has had the ability to save a copy of the LUKS header, so the ability to revoke passphrases really isn't as great as it's cracked up to be.

-- 
Bob Nichols     "NOSPAM" is really part of my email address.
                 Do NOT delete it.
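
Added example, not part of the original message: since the commands named in this thread print the master key of an open mapping to anyone running as root, a defender can look for them in process-execution logs. The sketch below scans auditd EXECVE records and assumes execve auditing is enabled; the log lines and the names `KEY_FLAGS`, `decode_args` and `find_key_disclosures` are constructed for illustration.

```python
import re

# Constructed auditd EXECVE records for illustration (not from the thread).
SAMPLE_AUDIT_LOG = """\
type=EXECVE msg=audit(1493131039.101:811): argc=3 a0="dmsetup" a1="table" a2="luks-home"
type=EXECVE msg=audit(1493131052.442:812): argc=4 a0="dmsetup" a1="table" a2="--showkey" a3="luks-home"
type=EXECVE msg=audit(1493131077.010:813): argc=4 a0="cryptsetup" a1="luksDump" a2="/dev/sdb1" a3="--dump-master-key"
type=EXECVE msg=audit(1493131090.730:814): argc=4 a0="/sbin/dmsetup" a1="table" a2="--showkey" a3=6C756B7320686F6D65
type=EXECVE msg=audit(1493131101.250:815): argc=3 a0="cryptsetup" a1="status" a2="luks-home"
"""

EVENT_RE = re.compile(r"msg=audit\([\d.]+:(\d+)\)")
ARG_RE = re.compile(r'\ba(\d+)=(?:"([^"]*)"|([0-9A-Fa-f]+))')

# Options that print volume key material; matched by prefix so the
# misspelled "--showkeys" from the thread is flagged as an attempt too.
KEY_FLAGS = {
    "dmsetup": ("--showkey",),
    "cryptsetup": ("--dump-master-key", "--dump-volume-key"),
}

def decode_args(record):
    """Rebuild argv from one EXECVE record. auditd writes values that contain
    spaces or other special bytes as bare hex instead of a quoted string."""
    args = {}
    for idx, quoted, hexed in ARG_RE.findall(record):
        if hexed:
            try:
                args[int(idx)] = bytes.fromhex(hexed).decode("utf-8", "replace")
            except ValueError:  # odd-length run: keep it verbatim
                args[int(idx)] = hexed
        else:
            args[int(idx)] = quoted
    return [args[i] for i in sorted(args)]

def find_key_disclosures(log_text):
    """Return [(audit_event_id, argv)] for commands that request key output."""
    hits = []
    for line in log_text.splitlines():
        event = EVENT_RE.search(line)
        if "type=EXECVE" not in line or event is None:
            continue
        argv = decode_args(line)
        tool = argv[0].rsplit("/", 1)[-1] if argv else ""
        flags = KEY_FLAGS.get(tool, ())
        if any(arg.startswith(flags) for arg in argv[1:]):
            hits.append((int(event.group(1)), argv))
    return hits

if __name__ == "__main__":
    for event_id, argv in find_key_disclosures(SAMPLE_AUDIT_LOG):
        print(event_id, " ".join(argv))
```

A clean result only shows that these two tools were not run with key-printing options; it does not show that the key was never read from memory by other means or that the header was never copied.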


