From: Alex Elsayed <eternaleye@gmail.com>
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] passkey over network
Date: Mon, 01 Jul 2013 03:54:32 -0700 [thread overview]
Message-ID: <kqrn54$a47$1@ger.gmane.org> (raw)
In-Reply-To: CAH3kUhEjejzJNcjzEFE7KpWyE3fXCQF5jTtdDmw-fdn0+bycxw@mail.gmail.com
Roberto Spadim wrote:
> in my case it's a server, in any place in the world, and the https server
> that will send the key, is a server in my house or somewhere that i can
> 'block'/'unblock' server
> in other words, others servers only can use the disk if i say what's the
> passkey, without my passkey no mount exists
>
> i will read your links, and understand what could be done
> any others ideas?
There are still real issues here. For one, let's say there's a time when the
server will (predictably) ask - say a power loss. If someone spoofs a
request at that time, you'll need a more robust authentication mechanism
than 'looks okay to me,' something that will positively ID the machine.
The issue there is that the list of things which are usable in such a manner
is VERY limited. MAC addresses? Even if they weren't *totally* meaningless
beyond the local network where they're part of the protocol, they're
trivially spoofed. The only thing I can think of off the top of my head is
to use the TPM to store a signing key in an opaque manner and do a well-
designed challenge-response (already harder than it sounds, see the
revisions and issues of MS-CHAP), at which point I suspect we start
exceeding the amount of effort you are willing to go to.
If you also want to defend against someone taking the actual hardware and
booting an attack system on it, you'd need to use some form of Trusted Boot
to lock that key as well, and it starts becoming rather cumbersome indeed.
...for rather marginal gain.
In addition, HTTPS/SSL/TLS (at least by default) has some real issues for
this kind of thing. SSH used blindly is likely to share some of them, but is
(fortunately) somewhat better understood and ships with better defaults in
most cases.
Also, the whole question of authenticating with TLS vs SSH is the wrong
layer - you don't want to have any authorized machine get any key, you want
to tie the key given out *to* the machine. That means either doing something
like gitolite, and linking the pubkey to the data it gets OR nesting Yet
Another Authentication Mechanism inside of the session, with all of the
(squamous, rugose) pitfalls involved in designing a cryptographic protocol
of any kind.
next prev parent reply other threads:[~2013-07-01 10:54 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-06-30 22:24 [dm-crypt] passkey over network Roberto Spadim
2013-06-30 22:55 ` .. ink ..
2013-06-30 23:53 ` Roberto Spadim
2013-07-01 10:54 ` Alex Elsayed [this message]
2013-07-01 15:44 ` Arno Wagner
2013-07-01 16:56 ` .. ink ..
2013-07-01 18:53 ` Arno Wagner
2013-07-01 19:41 ` Alex Elsayed
2013-06-30 23:57 ` Arno Wagner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='kqrn54$a47$1@ger.gmane.org' \
--to=eternaleye@gmail.com \
--cc=dm-crypt@saout.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.