[dm-crypt] please HELP - can't acces encrypted LVM after linux reinstallation.
flyingstar16 at gmail.com
Mon Oct 31 23:34:02 CET 2011
> While I agree with you, that cryptsetup already does a lot to prevent
> data (i.e. header) loss, I don't see a reason why (optional) header
> backup at some random place on the device would be such a big security
Because it would significantly decrease the efficiency of cryptsetup
anti-forensic features, if i'm not wrong..
Meaning that if the header is stored somewhere in the disk, that place
should be traceable: if it is random, there has to be some known place
where its location is stored; if the location information is not stored,
but one has to analyze the entire disk to find it, analyzing the disk would
expose the header; this applies also to the "fixed header location"
That's what I think I have understood from previous (similar and related)
discussions with Arno; please, correct me if I'm mistaken.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the dm-crypt