From: Felipe Alfaro Solana <felipe.alfaro@gmail.com>
To: Wiktor <victorjan@poczta.onet.pl>
Cc: Andreas Hartmann <andihartmann@freenet.de>, linux-kernel@vger.kernel.org
Subject: Re: crypting filesystems
Date: Tue, 5 Apr 2005 14:43:30 +0100 [thread overview]
Message-ID: <6f6293f10504050643e50a1f9@mail.gmail.com> (raw)
In-Reply-To: <4251A8C4.60007@poczta.onet.pl>
On Apr 4, 2005 9:51 PM, Wiktor <victorjan@poczta.onet.pl> wrote:
> Hi,
>
> I'm using the following method and it seems to be working fine
> (involving crypto-loop):
>
> i have normal ext3 /boot partition, where i store kernel image & initrd.
> after lilo boots the kernel, initrd sets up /dev/loop0 to be
> crypto-loop/blowfish for /dev/hda1 (losetup /dev/loop0 /dev/hda1 -e
> blowfish). losetup asks for passphrase, and (if entered correctly),
> /dev/loop0 is mounted as root filesystem (it can be done also by simple
> mount call: mount /dev/hda1 /some-place -o rw,encryption=blowfish). for
> encrypting more filesystems with one passphrase, you can read it in
> shell script in non-echo-mode (if such exists, i'm not sure), and pass
> it to mount or losetup. crypto-loop makes possible to switch encryption
> type without modifying whole initrd.
>
> Regarding your questions:
>
> > 1. In order to put in the passphrase just once a time at booting, I
> put the passphrase in a gpg-crypted file (cipher AES256 and 256Bit key
> size), which is decrypted at boot-time to /tmp (-> tmpfs) and
> immediately removed with shred, after activating the three partitions.
> Is it possible to see the cleartext password after this action in tmpfs?
>
> Disk encryption usually protects from hardware-attacks (when hacker has
> physical access to the hardware). if you keep passphrase
> reversible-encrypted, attacker can read it and run brute-force attack
> using some huge-computing-capacity. is this what you want?
>
> > 2. Is it possible to gain the passphrase from the active encrypted
> partitions (because the passphrase is somewhere held in the RAM)?
>
> Only when attacker has root privileges. But i'm not sure if it is
> possible to extract passphrase knowing both encrypted and not encrypted
> data. What i mean is that usually each filesystem begins with
> filesystem-specyfic-header, which is constant or similar to each other.
> so, if attacker has encrypted form of this header and can estimate
> unencryptes form, it can possibly gain the passphrase. (but therse are
> only my ideas, i don't know how the encryptino-algorithm works).
What´s kept in RAM is the AES key used to decrypt disk blocks.
However, the passphrase from which the AES key is derived (usually by
using a hash function) is not kept in memory.
prev parent reply other threads:[~2005-04-05 13:44 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-04-04 10:45 crypting filesystems Andreas Hartmann
2005-04-04 20:51 ` Wiktor
2005-04-05 13:43 ` Felipe Alfaro Solana [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6f6293f10504050643e50a1f9@mail.gmail.com \
--to=felipe.alfaro@gmail.com \
--cc=andihartmann@freenet.de \
--cc=linux-kernel@vger.kernel.org \
--cc=victorjan@poczta.onet.pl \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.