[dm-crypt] Passphrase protected key file?

Heiko Rosemann heiko.rosemann at web.de
Thu Jul 14 16:12:45 CEST 2011

Hash: SHA1

On 07/14/2011 03:35 PM, Arno Wagner wrote:
> On Thu, Jul 14, 2011 at 01:55:50PM +0200, Ma Begaj wrote:
>>> Also note that an attacker that has access to the storage could 
>>> patch your GnuPG binary or other system components.
>> well that is an another story because an attacker could in that
>> case patch cryptsetup too. if s/he can do that it is not important
>> whether you use encrypted key file on usb stick or directly
>> cryptsetup.
> Indeed. But are there any realistic scenarios where
> a) a passphrase is signifiacntly less secure than an encrypted 
> passphrase stored on USB with a second pasphrase to decrypt that
> and
> b) the attacker does not have the possibility to patch 
> GnuPG/cryptup/other things that make the second passphrase just as
> weak as the first one?
> My claim is that a realistic risk analysis will show there are no
> such scenarios that are typical and hence having an encrypted
> passphrase on an USB stick does not offer improved security.

Improved security over which other setup?

a) Unencrypted passphrase stored on a USB key. Here the second
encryption step will probably give additional security in case the user
looses the USB key.

b) Directly entering passphrase without the need of a USB key. Here we
have a typical risk of users using the same passphrase for different
things or even of writing it down (on a post-it note on the screen or
keyboard...). If we depend upon a USB stick with the real passphrase
(encrypted by the one on the post-it note) being present at boot the
attacker won't be able to utilize that passphrase.

If we move kernel+initrd+cryptsetup to the USB stick and boot the
machine from USB, we can even encrypt the entire harddisk, thus even
someone with physical access to the machine cannot patch cryptsetup/gnupg.

Now it only boils down to whether a user writing down his passphrase
will remember to remove the USB key ;)

Regards, Heiko

P.S: Thinking of law enforcement as the attacker (guess that is not that
a great risk for most of us), it is possible to destroy all access to
your data by destroying all the USB keys with the encrypted passphrase
on them - and then you can even tell them your passphrase...
- -- 
eMails verschlüsseln mit PGP - privacy is your right!
Mein PGP-Key zur Verifizierung: http://pgp.mit.edu

Version: GnuPG v2.0.17 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/


More information about the dm-crypt mailing list