DM-Crypt Archive on lore.kernel.org
From: Arno Wagner <arno@wagner.name>
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] Managing wrapped key ciphers with cryptsetup
Date: Fri, 28 Apr 2017 09:22:22 +0200	[thread overview]
Message-ID: <20170428072222.GA25628@tansi.org> (raw)
In-Reply-To: <1e315fda-40da-8ea8-020e-0cb34f2c4207@eschenberg.eu>

I think hardware-specific stuff has no place in cryptsetup.
Get a kernel-driver and then create a wrapper that feeds
the key to cryptsetup, anything else is a bad design.

And if you want a system that is secure against root, then 
do not use Linux. Seriously.

Regards,
Arno


On Thu, Apr 27, 2017 at 22:06:35 CEST, Sven Eschenberg wrote:
> Hi Hendrik,
> 
> The portability of the on-disk format includes that I can basically
> reimplement cryptsetup from scratch, without relying on the current status
> quo. Moreover, I don't even need to use kernel crypto stuff at all to i.e.
> create a decrypted image of the data.
> Your HSM specific changes would be tied into cryptsetup, but if I followed
> the current specification, and had the corresponding HSM, I still would need
> the 'specifics' regarding the HSM and how to use it, to set up the actual
> mapping.
> 
> If you got some spare time:
> https://mbroz.fedorapeople.org/talks/DevConf2016/devconf2016-luks2.pdf
> 
> If the new format comes to life and allows for plugins, then if I
> reimplemented cryptsetup and had no suitable plugin for a HSM or say a
> cryptocard or whatever, I cannot set up the mapping. But I'd know that I am
> prone to fail, since I lack the plugin I am supposed to use.
> 
> Now, in contrast, if you hack the HSM support into cryptsetup, there's no on
> disk indication and that is not really portable anymore.
> 
> Regards
> 
> -Sven
> 
> Am 27.04.2017 um 17:09 schrieb Hendrik Brueckner:
> >Hi Milan,
> >
> >>
> >>LUKS1 is a portable format, we cannot bind the format to specific hardware.
> >
> >We considered that point in the merge request.  It keeps LUKS1 as a
> >portable format; there are no changes to the LUKS1 format or header.
> >Of course, there are some differences when using wrapped keys, but these
> >have been addressed without affecting the on-disk format structure.
> >
> >
> >Thanks and kind regards,
> >   Hendrik
> >

-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno@wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier

Thread overview: 11+ messages
2017-04-27 15:09 [dm-crypt] Managing wrapped key ciphers with cryptsetup Hendrik Brueckner
2017-04-27 20:06 ` Sven Eschenberg
2017-04-28  7:22   ` Arno Wagner [this message]
2017-05-15 13:56     ` Hendrik Brueckner
2017-05-15 19:28       ` Arno Wagner
2017-05-18 17:41         ` David Niklas
2017-05-29 13:48         ` Hendrik Brueckner
2017-05-29 18:25           ` Arno Wagner
2017-05-31 14:01             ` Hendrik Brueckner
2017-05-16  7:47   ` Hendrik Brueckner
2017-07-09 14:58     ` Milan Broz
