Re: [dm-crypt] Passphrase protected key file?

[Arno Wagner <arno@wagner.name>]

On Wed, Aug 03, 2011 at 12:35:55PM +0100, Laurence Darby wrote:
> 
> Hello again,
> 
> Arno Wagner wrote:
> 
> > > Alternatively, I could just do this:
> > > 
> > > ( cat ~/pass_key ; cat ) | cryptsetup luksOpen --key-file
> > > - /dev/loop1 loop1
> > > 
> > > so I still have to provide both the key and passphrase, terminated
> > > with Ctrl-D.  Any thoughts?
> > 
> > Yes, why do you not use the passphrase entry function of cryptsetup
> > directly? Without a specific and credible risk, there is no
> > reason to do anything of what you describe here...
> 
> 
> Ok, but I may have a reason I need to do this anyway, that probably no
> one else has - these disks are external usb connected disks and they are
> noisy, so I keep them powered off unless backing up to them. Their power
> management is really broken, or maybe linux is, so I connected them to
> a relay on the parallel port to properly power them off. That setup has
> been working for years, and to keep it automated with encryption, the
> key has to be stored somewhere, doesn't it?

Yes.
 
> I'm not sure I understand the point of having a key file, if that key
> file isn't protected somehow - an attacker would have access to the
> machine that stores the key as well.  (I'm not going to spend ?50000 on
> a HSM for this, that would be overamplifing risks by a very long way)
> 
> An attacker would have to break into the system after I've entered the
> passphrase, without powering it off (notwithstanding cold-boot
> attacks), but that's the same case as with normal disk encryption,
> isn't it? If the disks were kept powered on, I would enter the
> passphrase once at boot up, and keep the disk mounted.  Isn't that what
> everyone else does? To get the same but with the disks powering off, I
> would decrypt the passphrase to a ramfs (not /dev/shm, as that can get
> written to swap), and make cryptsetup read it from there. 

Why don't you just use decrypt_derived or have an encrypted
partition that is not powered down? You can put the keys there
without additional protection (well, root read rights, but not
more)?
 
> > I would suggest you read up a bit more on cryptography. 
> > "Cryptography Engineering" by Schneier et al. is a good book for
> > example, to get a good understanding of cryto technology
> > and risks.
> > 
> > You are at the moment in this dangerous "half-knowledge" state, 
> > were you see some risks and overamplify them, while you completely 
> > miss others. It is normal to go through this stage, but make sure 
> > you leave it behind. 
> 
> Yes, well, I know that, and really if I didn't overamplify some
> risks, then I would probably just not bother with disk encryption at
> all, but that doesn't achieve or teach me anything. Anyway, I live in
> the UK which has the RIPA act, so they send people to prison simply for
> not handing over the keys. Check the references on
> http://en.wikipedia.org/wiki/Regulation_of_Investigatory_Powers_Act_2000

Pretty bad that, I agree. The UK has given up on being 
civilized and having a fair legal system in that regard.

Arno 
-- 
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier