[dm-crypt] Disadvantages of many temporary keys?

Arno Wagner arno at wagner.name
Sat Oct 28 06:39:35 CEST 2017


On Sat, Oct 28, 2017 at 03:32:50 CEST, Robert Nichols wrote:
[...]
> But, removal of that temporary key is not as secure as you might think. 
> Anyone (or any bot) that had an opportunity to make a copy of the LUKS
> header while that key was installed can always use that header, together
> with that "temporary" key, to unlock the container.  "LUKS with detached
> header" would be the most straightforward way, but the master key could
> also be constructed from that header + key and used directly with
> cryptsetup to access the container's contents.

As always, the fact of thematter is that an attacker that has 
access to the decrypted container can get everything, including 
all data in there. But said attacker could also replace the
cryptsetup binary, the kernel, etc. so it is somthing to be 
aware of, not something to fix. 

Regards,
Arno

-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno at wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier


More information about the dm-crypt mailing list