[dm-crypt] Re: reg: Question on LUKS device's content exposure

[Arno Wagner <arno@wagner.name>]

On Thu, Oct 14, 2021 at 21:56:06 CEST, Michael Kjörling wrote:
> On 13 Oct 2021 08:41 +0000, from samsapi01@protonmail.ch (sami0l):
> > Suppose my VPS provider wants to view contents of
> > /mnt/sdb1_crypt_files, will they be able to mount the device file
> > /dev/sda to view the contents at /dev/mapper/sdb1_crypt or
> > /mnt/sdb1_crypt_files? Meaning, since /dev/mapper/sdb1_crypt,
> > /dev/sdb1 or /mnt/sdb1_crypt_files are *within* the main or root
> > /dev/sda will they get access to the files which is within the LUKS
> > device (and decrypted at /dev/mapper/sdb1_crypt) too?
> 
> Anyone who is in control of the hypervisor will be able to inspect the
> VM's portion of the host's RAM, and extract from it anything they
> wish, including cryptographic keys or other relevant material (or just
> copy it wholesale).
[...] 

I completely agree.  

You cannot protect a VM against the hypervisor it is running under 
and you cannot protect against the admin of that hypervisor. 

Even things like CPUs encrypting RAM only serve to protect against
other VMs on the same hardware, not against the hypervisor. 

As to the idea with a dedicated, alerted rack, I know of real-world
installations that do exectly that. This will fail with a competent
attacker as well though, as physical locks and tamper-detection 
switches are not that secure as well.

Regards,
Arno

-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno@wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier
_______________________________________________
dm-crypt mailing list -- dm-crypt@saout.de
To unsubscribe send an email to dm-crypt-leave@saout.de