From: Chris Drake <Tech@CryptoPhoto.com>
To: Andrew <list2010@lunch.za.net>
Cc: dm-crypt@saout.de
Subject: Re: [dm-crypt] LUKS self-destruct key
Date: Mon, 31 Mar 2014 17:03:05 +1000
Message-ID: <1717822762.20140331170305@CryptoPhoto.com>
In-Reply-To: <20140331071730.74571bd4@burger.lunch.za.net>

Hi Andrew,

Codewise - easy.

Point-wise - I cannot see.

From your adversary's point of view, all they see is you giving them
bogus passwords that don't work. You may as well just keep giving
them bogus passwords.

The only difference is that when they point a gun at your head, with
your idea, you're 100% certain you're going to die.

Kind Regards,
Chris Drake

Monday, March 31, 2014, 3:17:30 PM, you wrote:

A> Greetings dm-crypt folks,
A>
A> Is it feasible to add a self-destruct password to cryptsetup for
A> LUKS, such that when this password is entered, the decryption code
A> silently and deliberately overwrites all or part of the master key?
A>
A> If you are facing an unjust order to produce a working key, having
A> the option to produce a self-destruct key would be helpful in some
A> circumstances. There are a number of ham-fisted regimes and
A> illegal groups that do not know the difference between decrypting
A> data and running untrusted code. Destroying the master key would
A> look to these like a simple failed attempt at decryption, and
A> ensure the permanent destruction of the data that they are seeking.
A>
A> + Give us your key
A> - I don't remember it
A> + Give Us Your Key
A> - I really don't remember it
A> + GIVE US YOUR KEY
A> - I think it's "INITIATE-SELF-DESTRUCT-SEQUENCE" but I'm not sure
A> + That didn't work
A> - I told you I don't remember
A> In pseudocode, the decryption would become something like this
A> (based on my probably faulty understanding of LUKS):
A> evaluate_password_for_slot(slot) {
A>     slot_plaintext = decrypt(slot_ciphertext, password);
A>     /* initiate self_destruct */
A>     if (memcmp(slot_plaintext, SELF_DESTRUCT_PLAINTEXT, sizeof(SELF_DESTRUCT_PLAINTEXT)) == 0) {
A>         wipe_master_key();
A>         wipe_key_slots();
A>     }
A>     /* self_destruct complete */
A>     master_key = decrypt(master_ciphertext, slot_key);
A>     if (this_is_a_valid_master_key(master_key)) { return E_SUCCESS; }
A>     return E_FAIL;
A> }
A> Code changes would include:
A> Not considering a self-destruct key as a valid remaining key in luksKillSlot
A> Front-end code to create a slot as a self-destruct key
A> Back-end code to destroy the master key
A> s/SELF_DESTRUCT/ESCROW/g /* :) */
A> _______________________________________________
A> dm-crypt mailing list
A> dm-crypt@saout.de
A> http://www.saout.de/mailman/listinfo/dm-crypt
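
Added example, not part of either message above and not cryptsetup code: a toy Python model of the slot logic in the quoted pseudocode, showing that a self-destruct password and a wrong password return the same failure, which is the point made in the reply. The header layout, the XOR key wrap, `DESTRUCT_MARKER` and all class and method names are assumptions made for illustration; this is not the LUKS on-disk format.

```python
import hashlib
import hmac
import os

KEY_LEN = 32
ITERATIONS = 1000  # deliberately low so the toy runs fast; real KDF costs are far higher
# Assumed constant that a self-destruct slot wraps in place of the master key.
DESTRUCT_MARKER = hashlib.sha256(b"toy-self-destruct-marker").digest()

def _kdf(secret: bytes, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", secret, salt, ITERATIONS, KEY_LEN)

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class ToyHeader:
    """Toy volume header: a master-key digest plus password slots."""

    def __init__(self, master_key: bytes):
        self._mk = master_key  # used only while enrolling slots
        self.mk_salt = os.urandom(16)
        self.mk_digest = _kdf(master_key, self.mk_salt)
        self.slots = []  # list of (salt, wrapped payload)

    def _add(self, password: str, payload: bytes) -> None:
        salt = os.urandom(16)
        self.slots.append((salt, _xor(payload, _kdf(password.encode(), salt))))

    def add_key(self, password: str) -> None:
        self._add(password, self._mk)

    def add_destruct_key(self, password: str) -> None:
        self._add(password, DESTRUCT_MARKER)

    def open(self, password: str):
        """Return the master key, or None (wrong password and self-destruct look alike)."""
        for salt, wrapped in list(self.slots):
            candidate = _xor(wrapped, _kdf(password.encode(), salt))
            if hmac.compare_digest(candidate, DESTRUCT_MARKER):
                # Overwrite every slot and the digest, then fail like a bad password.
                self.slots = [(os.urandom(16), os.urandom(KEY_LEN)) for _ in self.slots]
                self.mk_digest = os.urandom(KEY_LEN)
                return None
            if hmac.compare_digest(_kdf(candidate, self.mk_salt), self.mk_digest):
                return candidate
        return None
```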