Re: [dm-crypt] Passphrase protected key file?

[Heiko Rosemann <heiko.rosemann@web.de>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/14/2011 03:35 PM, Arno Wagner wrote:
> On Thu, Jul 14, 2011 at 01:55:50PM +0200, Ma Begaj wrote:
>>> Also note that an attacker that has access to the storage could 
>>> patch your GnuPG binary or other system components.
>> 
>> well that is an another story because an attacker could in that
>> case patch cryptsetup too. if s/he can do that it is not important
>> whether you use encrypted key file on usb stick or directly
>> cryptsetup.
> 
> Indeed. But are there any realistic scenarios where
> 
> a) a passphrase is signifiacntly less secure than an encrypted 
> passphrase stored on USB with a second pasphrase to decrypt that
> 
> and
> 
> b) the attacker does not have the possibility to patch 
> GnuPG/cryptup/other things that make the second passphrase just as
> weak as the first one?
> 
> My claim is that a realistic risk analysis will show there are no
> such scenarios that are typical and hence having an encrypted
> passphrase on an USB stick does not offer improved security.

Improved security over which other setup?

a) Unencrypted passphrase stored on a USB key. Here the second
encryption step will probably give additional security in case the user
looses the USB key.

b) Directly entering passphrase without the need of a USB key. Here we
have a typical risk of users using the same passphrase for different
things or even of writing it down (on a post-it note on the screen or
keyboard...). If we depend upon a USB stick with the real passphrase
(encrypted by the one on the post-it note) being present at boot the
attacker won't be able to utilize that passphrase.

If we move kernel+initrd+cryptsetup to the USB stick and boot the
machine from USB, we can even encrypt the entire harddisk, thus even
someone with physical access to the machine cannot patch cryptsetup/gnupg.

Now it only boils down to whether a user writing down his passphrase
will remember to remove the USB key ;)

Regards, Heiko

P.S: Thinking of law enforcement as the attacker (guess that is not that
a great risk for most of us), it is possible to destroy all access to
your data by destroying all the USB keys with the encrypted passphrase
on them - and then you can even tell them your passphrase...
- -- 
eMails verschlüsseln mit PGP - privacy is your right!
Mein PGP-Key zur Verifizierung: http://pgp.mit.edu

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk4e+V0ACgkQ/Vb5NagElAW5aQCfVU4p9/H64K+AQjgl33qSJjQJ
4BEAnRQ9tRptBRHM8JDdFOigyHjPH58N
=utnI
-----END PGP SIGNATURE-----