From: Milan Broz <gmazyland@gmail.com>
To: Ciprian Dorin Craciun <ciprian.craciun@gmail.com>
Cc: dm-crypt@saout.de, ".. ink .." <mhogomchungu@gmail.com>
Subject: Re: [dm-crypt] dm-crypt "inverted" usage (i.e. exporting an "encrypted" image of a block device)
Date: Thu, 01 Aug 2013 09:43:20 +0200 [thread overview]
Message-ID: <51FA1198.6040406@gmail.com> (raw)
In-Reply-To: <CA+Tk8fyTJYSdBp-kceKeXM0e4_5D0utuW-H3tGzdLefr4CF80w@mail.gmail.com>
On 1.8.2013 9:00, Ciprian Dorin Craciun wrote:
> As said, I guess this can be obtained in two ways:
> * either if there is a "backward" mode for dm-crypt; (which I'm
> not aware of;)
No, there is not.
I hope I understand your use case correctly, bu if so, this mode
(transport over network) _cannot_ be secure.
Imagine reply attack - anyone on the way can replace old ciphertext
and you have no chance to detect it.
An example of this (very simplified) attack:
Imagine user removal. The tool (userdel) first reads /etc/shadow and
then writes it (with user removed).
Listener can e.g. revert user removal without key knowledge, he only
need to detect correct packets for this transaction and replace content
to previous version (so files remains unchanged).
No key needed, just reply manipulation with ciphertext.
Proper network encryption will detect this.
If you mean this as some experiment, good (but I think it is not
possible without switching encrypt/decrypt in dmcrypt code or in encryption
cipher module, but will think about it more later :-)
But if you mean this seriously - do not do it. Use encrypted connection
(ipsec/vpn/ssh tunnel whatever). Only these tools are designed for newtork
connection protection.
BTW I use this as a classic example of misuse of FDE...
http://mbroz.fedorapeople.org/talks/DevConf2012/img8.jpg
Milan
next prev parent reply other threads:[~2013-08-01 7:43 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-07-31 19:28 [dm-crypt] dm-crypt "inverted" usage (i.e. exporting an "encrypted" image of a block device) Ciprian Dorin Craciun
2013-08-01 0:35 ` Arno Wagner
2013-08-01 4:38 ` Ciprian Dorin Craciun
2013-08-01 6:02 ` .. ink ..
2013-08-01 7:00 ` Ciprian Dorin Craciun
2013-08-01 7:43 ` Milan Broz [this message]
2013-08-01 9:49 ` Ciprian Dorin Craciun
2013-08-01 10:41 ` Milan Broz
2013-08-01 13:34 ` Arno Wagner
2013-08-01 14:46 ` Erik Logtenberg
2013-08-01 16:17 ` Ciprian Dorin Craciun
2013-08-01 20:36 ` infrabit
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=51FA1198.6040406@gmail.com \
--to=gmazyland@gmail.com \
--cc=ciprian.craciun@gmail.com \
--cc=dm-crypt@saout.de \
--cc=mhogomchungu@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.