[dm-crypt] Passphrase protected key file?

Iggy iggy19 at riseup.net
Fri Jul 15 07:33:10 CEST 2011

On 07/14/2011 05:44 PM, Arno Wagner wrote:
> On Thu, Jul 14, 2011 at 11:21:28PM +0200, Heiko Rosemann wrote:
>> On 07/14/2011 09:27 PM, Arno Wagner wrote:
>>> On Thu, Jul 14, 2011 at 04:12:45PM +0200, Heiko Rosemann wrote:
>>>> On 07/14/2011 03:35 PM, Arno Wagner wrote:
>> The main advantage I see about the USB key option is that the USB key
>> does not have to be in the same room as the encrypted device. I.e. the
>> FBI could come to your home while you are away and take away your
>> computer and when you arrive you notice something is wrong and have the
>> time to destroy the USB key (I'm thinking of some physical way here like
>> burning it on a barbeque, cooking it in solder, cutting the chips apart
>> with a micro-drill...) and can then openly tell a court that you don't
>> have any access to your data anymore.
> Well, that was the old approach, until they found out they
> could not break modern disk or file encryption. Now they will 
> either break in silently and install a hardware keylogger and
> a camera to find out what you are using, or they will break 
> down your door while the machine is running and decrypted.

The fact that breaking modern strong encryption has not yet been used to
prosecute criminal or other cases tried in open court does not mean that
"they" cannot break it.  It is common for legal cases, or certain
charges, to be dropped when prosecuting them would disclose the
existence of advanced surveillance/espionage techniques that are closely
held/very useful.

Many spies that have been outed in the US have not been prosecuted for
this very reason.  A more direct example is found with the ability to
remotely (and invisibly to the user) open the audio channel on some cell
phones/networks.  US law enforcement was apparently able to do this for
a number of years before they first mentioned it publicly in a case
against a Boston mobster some few years ago.  In that case the defendant
had been sneaky enough for long enough that the FBI felt it was worth
outing that technology in order to get their prosecution.

There is plenty of data out there (fortunately none that I control!)
that is valuable enough for major powers to be willing to spend a lot of
money to acquire, even if they can never publicize that acquisition. 
Underestimating the US NSA seems unwise.

>> Or you notice your harddrive has been stolen and then you can delete the
>> key without any remaining worries about possible social engineering to
>> get your passphrase. Or the police knock on your door at night and you
>> flush the USB key down the toilet (matter of seconds) instead of booting
>> up your PC and overwriting all key slots (matter of minutes, police
>> kicking in your door in the meantime)
> Well, I think these are borderline scenarios. Also remember that unless
> you are in certain states like the UK or the US, the police cannot
> force you to give them your passphrase. But in certain situations,
> these might be valid approaches. I see your point.

These may be a marginal percentage of total use-cases, but they may also
be some of the strongest cases for using strong encryption. 
Unfortunately in these severe cases you may protect your data, but the
fact that you are not able to reveal the data may not protect you from
the rubber hose or worse.

>> It can also - to a very casual attacker - hide the encrypted area by
>> booting a different OS from the harddrive when there is no USB key
>> attached. Or if you are very, very, very sure never to forget to plug in
>> the correct USB key, you could automatically wipe the LUKS key slots
>> when the machine is booted without the USB key.

That's certainly a bold setup.  But for those marginal cases, possibly a
useful one.  You'd also have to wipe the script that overwrites the key
slots (and be using a non-journaling file system to be able to do that
securely).  Depending on the setup and situation this may allow, or at
least be a step toward allowing, one to plausibly deny the existence of
encrypted data.  Which in turn may just save our hypothetical user from
the rubber hose.

Of course, any number of human or technical errors (cracked solder joint
in USB port scares me) could result in total data loss.  Maybe our user
is doing encrypted remote backups via TOR and VPN?  Either way, it
requires bigger genitalia than I have.  It's a severe risk-landscape
that would justify this solution, but interesting to imagine.


