[dm-crypt] Security of cloned disks (with changed passphrases)

[dm-crypt] Security of cloned disks (with changed passphrases)

[Matthew Mosesohn]

[-- Attachment #1: Type: text/plain, Size: 662 bytes --]

I am wondering if I perform this setup (cryptsetup version 1.1.2), how much risk do I expose my systems to? 

Step 1: Create a base install that is encrypted with a fixed passphrase 
Step 2: Create a disk image of this installed system 
Step 3: Deploy image on N number of other systems 
Step 4: Change the passphrase on all deployed systems 

What happens if the passphrase becomes compromised on one of these systems? Can that person gain the original LUKS AES key to the disk and therefore obtain a way to break into all of the other systems? 

If yes, is there anything to do on each cloned system to improve security? 

-- 
Best Regards, 
Matthew Mosesohn 

[-- Attachment #2: Type: text/html, Size: 867 bytes --]

[dm-crypt] Security of cloned disks (with changed passphrases)

[Matthew Mosesohn]

[-- Attachment #1: Type: text/plain, Size: 663 bytes --]


I am wondering if I perform this setup (cryptsetup version 1.1.2), how much risk do I expose my systems to? 

Step 1: Create a base install that is encrypted with a fixed passphrase 
Step 2: Create a disk image of this installed system 
Step 3: Deploy image on N number of other systems 
Step 4: Change the passphrase on all deployed systems 

What happens if the passphrase becomes compromised on one of these systems? Can that person gain the original LUKS AES key to the disk and therefore obtain a way to break into all of the other systems? 

If yes, is there anything to do on each cloned system to improve security? 

-- 
Best Regards, 
Matthew Mosesohn 

[-- Attachment #2: Type: text/html, Size: 985 bytes --]

Re: [dm-crypt] Security of cloned disks (with changed passphrases)

[Milan Broz]

On 12/16/2010 07:27 PM, Matthew Mosesohn wrote:
> I am wondering if I perform this setup (cryptsetup version 1.1.2),
> how much risk do I expose my systems to?
> 
> Step 1: Create a base install that is encrypted with a fixed
> passphrase Step 2: Create a disk image of this installed system Step
> 3: Deploy image on N number of other systems Step 4: Change the
> passphrase on all deployed systems
> 
> What happens if the passphrase becomes compromised on one of these
> systems?  Can that person gain the original LUKS AES key to the disk
> and therefore obtain a way to break into all of the other systems?

Yes, cloning the whole device including LUKS header and changing just
the passphrase keeps the same volume key exposes all system to risk.

Everyone with any passphrase to any system can decrypt volume key
and get access to all cloned systems.

Moreover, everyone can check which sectors changed even without
any passphrase knowledge as a bonus (just check which sectors changed).

The proper way is create new LUKS header (with new passphrase
and volume key) and clone _content_ (plaintext device) of encrypted disk.

Still if you know origin disc content you are in better position
that when you know nothing about the disc but this problem can be
probably ignored in most use cases (secure stolen laptop etc)

Milan

Re: [dm-crypt] Security of cloned disks (with changed passphrases)

[Nargis Khan]

Hi Everyone,

I have a dm-crypt compiled kernel image.I have also compiled Cryptsetup.Through what commands can I link both??
As I am quite new in this field,i have no idea at all.
Please help.

Regards,
Nargis
________________________________________
From: dm-crypt-bounces@saout.de [dm-crypt-bounces@saout.de] On Behalf Of Matthew Mosesohn [mmosesoh@redhat.com]
Sent: Thursday, December 16, 2010 11:57 PM
To: dm-crypt@saout.de
Subject: [dm-crypt] Security of cloned disks (with changed passphrases)

I am wondering if I perform this setup (cryptsetup version 1.1.2), how much risk do I expose my systems to?

Step 1: Create a base install that is encrypted with a fixed passphrase
Step 2: Create a disk image of this installed system
Step 3: Deploy image on N number of other systems
Step 4: Change the passphrase on all deployed systems

What happens if the passphrase becomes compromised on one of these systems?  Can that person gain the original LUKS AES key to the disk and therefore obtain a way to break into all of the other systems?

If yes, is there anything to do on each cloned system to improve security?

--
Best Regards,
Matthew Mosesohn

SASKEN BUSINESS DISCLAIMER: This message may contain confidential, proprietary or legally privileged information. In case you are not the original intended Recipient of the message, you must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message and you are requested to delete it and inform the sender. Any views expressed in this message are those of the individual sender unless otherwise stated. Nothing contained in this message shall be construed as an offer or acceptance of any offer by Sasken Communication Technologies Limited ("Sasken") unless sent with that express intent and with due authority of Sasken. Sasken has taken enough precautions to prevent the spread of viruses. However the company accepts no liability for any damage caused by any virus transmitted by this email.
Read Disclaimer at http://www.sasken.com/extras/mail_disclaimer.html