From: Arno Wagner
Date: Thu, 2 Apr 2015 17:48:01 +0200
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] Proposal for support of PKCS#11 devices (SmartCards and Tokens)
Message-ID: <20150402154801.GA22576@tansi.org>
References: <551CDF3E.4020407@billmairsolutions.ltd.uk> <20150402102027.GA18528@tansi.org> <551D1CF9.9020502@billmairsolutions.ltd.uk> <20150402120848.GC18528@tansi.org>

On Thu, Apr 02, 2015 at 14:38:28 CEST, Nick Econopouly wrote:
> "2-factor authentication is a large field with many dysfunctional
> solutions (biometrics, for example, or numerous insecure hardware
> tokens), and no final good solutions are in sight. Hence it is not
> something that has a place in cryptsetup proper, beyond what is
> already there. You can also always treat the passphrase as the secret
> and protect that with your chosen 2-factor authentication scheme."
>
> I've been interested in the hardware tokens you mentioned; are the yubikey
> and the upcoming nitrokey insecure?
>
> (For 2fa, I assume the gnupg features are more secure because they at
> least require a pin)
>
> -nick

The thing is that in the past most chipcards were broken, some in
ridiculously simple fashions. At the same time, people do not realize
this. I have even heard some security people call a smartcard a
"mini-HSM". The problem is that making a secure token is hard and
expensive. For example, it needs always-on sensors that can wipe it in
case of attacks on the hardware.

Sure, a hardware token of any kind usually gives you a significant
security boost as most people choose insecure passwords, but that is
basically it. If a user uses secure passwords, 2-factor will just annoy.

Grüsse,
Arno

-- 
Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@wagner.name
GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato
If it's in the news, don't worry about it. The very definition of "news" is "something that hardly ever happens." -- Bruce Schneier