Re: [dm-crypt] Question about backdoors and the NSL

[Milan Broz <gmazyland@gmail.com>]

On 05/30/2014 03:13 PM, Arno Wagner wrote:
> On Fri, May 30, 2014 at 11:07:12 CEST, web1bastler@googlemail.com wrote:
>> Hello dear cryptsetup team,
>>  
>> I want to ask if you received a national security letter because I want to
>> know if my LUKS encrypted volumes are still safe. 
> 
> First, you should know that your question is not very bright.
> Recipients of valid NSLs are not allowed to talk about them or 
> admit they have gotten one. Hence what do you expect as answer if
> there were an NSL?
> 
> But second, Milan and I are not located in the US, so I doubt
> that they could legally give either of us an NSL and even if
> they did, I doubt it would have any effect. But please notice
> that I am not answering your question, to be sure you have to 
> verify what I just said yourself.

Exactly.

Cryptsetup is opensource under clear license, every meaningful
and independent audit is welcome of course.

...

>> So I want to know if my sensitive data is still safe on a LUKS encrypted
>> volume.
> 
> It should be. But also note that it depends on more than cryptsetup.
> cryptsetup is just a set-up front-end from dm-crypt and the kernel
> encryption code. On the other hand, the only thing that could have
> a relvant backdoor there is the crypto-RNG, and there is reson to
> believe the kernel folks are taking that one pretty serious and
> it likely is not compromised.

Also I am releasing and signing source code only, so you have to trust
distro maintainers as well which are compiling the code.

Milan