* Keyfile Support for GRUBs LUKS @ 2013-11-19 23:43 Ralf Ramsauer 2013-11-20 1:31 ` Glenn Washburn 2013-11-21 15:31 ` Vladimir 'phcoder' Serbinenko 0 siblings, 2 replies; 15+ messages in thread From: Ralf Ramsauer @ 2013-11-19 23:43 UTC (permalink / raw) To: grub-devel Hi, yesterday I realised, that GRUB is already supporting LUKS and even simple DSA signature checking. I was thinking about the following setup: - fully encrypted harddisk (LUKS) (incl. rootfs). - no bootloader on harddisk - kernel + initrd inside encrypted partition - optionally: signatures of the kernel + initrd For "trusted" booting, I thought about an USB stick, that just includes GRUB, a public key for verification and a keyfile for LUKS. Using that setup, no password input would be required during boot. The USB stick can be considered as "trusted environment". Unfortunately, GRUB doesn't support keyfile for Luks up to now. As I'm quite familiar with dm-crypt and LUKS I tried to implement the keyfile feature to GRUB. After spending several hours trying to get a deeper insight into the GRUB internas I finally resigned, as I was missing documentation on several things... I was very confused about the way how GRUB2 is handling its modules and about the strategies how functions are exactly called. The aim is to implement three additional options to cryptodisk.c resp. luks.c: -k keyfile [e.g. (hd2,msdos3)/mysecretkey] -o keyfile offset [optional, default: 0] -s keyfile size [optional, default: keyfilesize] Using LUKS, a keyfile can simply be treated like a passphrase, which basically is already implemented. I would appreciate, if perhaps someone of you could help me with this issue. Thanks in advance! Ralf -- Ralf Ramsauer PGP: 0x8F10049B ^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: Keyfile Support for GRUBs LUKS 2013-11-19 23:43 Keyfile Support for GRUBs LUKS Ralf Ramsauer @ 2013-11-20 1:31 ` Glenn Washburn 2013-11-20 1:55 ` Elliott Mitchell 2013-11-21 15:31 ` Vladimir 'phcoder' Serbinenko 1 sibling, 1 reply; 15+ messages in thread From: Glenn Washburn @ 2013-11-20 1:31 UTC (permalink / raw) To: grub-devel On Wed, 20 Nov 2013 00:43:37 +0100 Ralf Ramsauer <ralf+grub@ramses-pyramidenbau.de> wrote: > Hi, > > yesterday I realised, that GRUB is already supporting LUKS and even > simple DSA signature checking. > > I was thinking about the following setup: > - fully encrypted harddisk (LUKS) (incl. rootfs). > - no bootloader on harddisk > - kernel + initrd inside encrypted partition > - optionally: signatures of the kernel + initrd I've had this setup ever since grub had LUKS support, except for the signature checking. I don't really see the point of checking signatures if the kernel and initrd are encrypted. > For "trusted" booting, I thought about an USB stick, that just > includes GRUB, a public key for verification and a keyfile for LUKS. > Using that setup, no password input would be required during boot. The > USB stick can be considered as "trusted environment". Can you give more details on what you'd use the public key to verify? The initrd + kernel? I'm not sure it'll buy you much unless you're using it in combo with hardware/firmware. > Unfortunately, GRUB doesn't support keyfile for Luks up to now. As I'm > quite familiar with dm-crypt and LUKS I tried to implement the keyfile > feature to GRUB. > After spending several hours trying to get a deeper insight into the > GRUB internas I finally resigned, as I was missing documentation on > several things... > > I was very confused about the way how GRUB2 is handling its modules > and about the strategies how functions are exactly called. > The aim is to implement three additional options to cryptodisk.c resp. > luks.c: > -k keyfile [e.g. (hd2,msdos3)/mysecretkey] > -o keyfile offset [optional, default: 0] > -s keyfile size [optional, default: keyfilesize] > > Using LUKS, a keyfile can simply be treated like a passphrase, which > basically is already implemented. To open and read from a file, use grub_file_open and grub_file_read. Look at the implementation of ./grub-core/commands/cat.c for inspiration. Read in the key data into global memory in grub_cmd_cryptomount from ./grub-core/disk/cryptodisk.c. Then in luks_recover_key from grub-core/disk/luks.c use the keydata instead of asking for the password if keydata exists. This seems like one way to do it, but I'm not a grub developer, so it might not be a method they would except patches for. While you're at it, it would be nice to have support for detachable luks headers. :) Glenn > I would appreciate, if perhaps someone of you could help me with this > issue. > > Thanks in advance! > Ralf > ^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: Keyfile Support for GRUBs LUKS 2013-11-20 1:31 ` Glenn Washburn @ 2013-11-20 1:55 ` Elliott Mitchell 2013-11-20 5:43 ` Glenn Washburn 0 siblings, 1 reply; 15+ messages in thread From: Elliott Mitchell @ 2013-11-20 1:55 UTC (permalink / raw) To: The development of GNU GRUB On Tue, Nov 19, 2013 at 07:31:35PM -0600, Glenn Washburn wrote: > I've had this setup ever since grub had LUKS support, except for the > signature checking. I don't really see the point of checking > signatures if the kernel and initrd are encrypted. You're setting yourself up for a *lot* of pain then. In places where security is important, *always* check signatures. Utilizing encryption without checking signatures leaves you *wide-open* to attacks! In a case like this, by observing whether the system continues or halts the attacker will be able to figuring out how the incoming stream was handled. While this may not allow them to figure out what the keys are, it will allow them to easily break in. Not checking signatures has repeatedly killed zillions of security products. If you worry about security, signatures are non-optional! -- (\___(\___(\______ --=> 8-) EHM <=-- ______/)___/)___/) \BS ( | EHeM+sigmsg@m5p.com PGP 87145445 | ) / \_CS\ | _____ -O #include <stddisclaimer.h> O- _____ | / _/ 8A19\___\_|_/58D2 7E3D DDF4 7BA6 <-PGP-> 41D1 B375 37D0 8714\_|_/___/5445 ^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: Keyfile Support for GRUBs LUKS 2013-11-20 1:55 ` Elliott Mitchell @ 2013-11-20 5:43 ` Glenn Washburn 2013-11-20 5:48 ` Vladimir 'φ-coder/phcoder' Serbinenko 2013-11-20 6:42 ` Elliott Mitchell 0 siblings, 2 replies; 15+ messages in thread From: Glenn Washburn @ 2013-11-20 5:43 UTC (permalink / raw) To: grub-devel On Tue, 19 Nov 2013 17:55:40 -0800 Elliott Mitchell <ehem+grub@m5p.com> wrote: > On Tue, Nov 19, 2013 at 07:31:35PM -0600, Glenn Washburn wrote: > > I've had this setup ever since grub had LUKS support, except for the > > signature checking. I don't really see the point of checking > > signatures if the kernel and initrd are encrypted. > > You're setting yourself up for a *lot* of pain then. In places where > security is important, *always* check signatures. Utilizing > encryption without checking signatures leaves you *wide-open* to > attacks! In a case like this, by observing whether the system > continues or halts the attacker will be able to figuring out how the > incoming stream was handled. While this may not allow them to figure > out what the keys are, it will allow them to easily break in. > > Not checking signatures has repeatedly killed zillions of security > products. If you worry about security, signatures are non-optional! I'm not exactly following you. Checking signatures is a way to verify that certain data is what you expect it to be. Can you provide an example of what you mean by "observing whether the system continues or halts the attacker will be able to figuring out how the incoming stream was handled"? I'm not saying that signatures aren't useful for security. They are an essential part of trusted computing. Would you care to elaborate how in this specific instance signatures would make the system more secure? Let me be clear, my comment was based on the assumption (as stated by the OP) that the USB stick was "trusted" and the threat model is of an "evil maid" attack. Since the USB is trusted it needs no verification. What other data do we have then? A LUKS encrypted device. Assuming that the attacker does not have a way to unlock the drive, she can only do cipher text modification or mess with the LUKS header. Assuming no bugs in the LUKS header parsing of the grub on the USB, modifying the header will only potentially cause the unlocking of the device to fail (nothing signatures would prevent). Modifying the cipher text just manifests as random data corruption of the plain text device, again not a security issue and nothing that signatures would prevent. I assumed by signatures, the OP was referring to signatures for the kernel and initrd, which residing inside the encrypted volume would make signatures pointless (for this threat model). Now verifying signatures of the code on the USB would certainly be worthwhile if you didn't trust it. But again, they won't prevent a determined attacker if the signature verification code is unencrypted on the USB. Obviously untrusted code can't verify the trustworthiness of other code/data. Thus, I previously stated "I'm not sure it'll buy you much unless you're using it in combo with hardware/firmware". Looking forward to your response, Glenn ^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: Keyfile Support for GRUBs LUKS 2013-11-20 5:43 ` Glenn Washburn @ 2013-11-20 5:48 ` Vladimir 'φ-coder/phcoder' Serbinenko 2013-11-20 7:02 ` Glenn Washburn 2013-11-20 6:42 ` Elliott Mitchell 1 sibling, 1 reply; 15+ messages in thread From: Vladimir 'φ-coder/phcoder' Serbinenko @ 2013-11-20 5:48 UTC (permalink / raw) To: The development of GNU GRUB [-- Attachment #1: Type: text/plain, Size: 594 bytes --] On 20.11.2013 06:43, Glenn Washburn wrote: > Modifying the cipher text just > manifests as random data corruption of the plain text device, again not > a security issue and nothing that signatures would prevent. It's a security threat. Imagine you have somewhere a routine which verifies SSH-key when connecting by network. Replace it with random data. With some significant probability this decodes to valid opcodes but which do no check. Now everyone can use your SSH. encryption provides secrecy. Signatures provide verification. Using one to achieve the other will always fail. [-- Attachment #2: OpenPGP digital signature --] [-- Type: application/pgp-signature, Size: 291 bytes --] ^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: Keyfile Support for GRUBs LUKS 2013-11-20 5:48 ` Vladimir 'φ-coder/phcoder' Serbinenko @ 2013-11-20 7:02 ` Glenn Washburn 2013-11-20 7:36 ` Vladimir 'φ-coder/phcoder' Serbinenko 0 siblings, 1 reply; 15+ messages in thread From: Glenn Washburn @ 2013-11-20 7:02 UTC (permalink / raw) To: grub-devel [-- Attachment #1: Type: text/plain, Size: 2122 bytes --] On Wed, 20 Nov 2013 06:48:40 +0100 Vladimir 'φ-coder/phcoder' Serbinenko <phcoder@gmail.com> wrote: > On 20.11.2013 06:43, Glenn Washburn wrote: > > Modifying the cipher text just > > manifests as random data corruption of the plain text device, again > > not a security issue and nothing that signatures would prevent. > It's a security threat. Imagine you have somewhere a routine which > verifies SSH-key when connecting by network. Replace it with random > data. With some significant probability this decodes to valid opcodes > but which do no check. Now everyone can use your SSH. > encryption provides secrecy. Signatures provide verification. Using > one to achieve the other will always fail. > Let me see if I understand you. Suppose an attacker can modify the LUKS containers cipher text and happens to know the exact block which contains the routine for verifying the ssh key. The attacker then writes some data to that block, which will then manifest as random bytes once unencrypted. You're claiming that there's a more than insignificant probability that this could cause the verification to not happen? And thus for anyone to be able to log into the system via ssh? I hope you're not suggesting that because it would be ludicrously improbable (try executing data from /dev/random and see how far you get). If you'd like more of an analysis I can provide reasons why, but I think its fairly obvious. If I've misunderstood you (highly probable), could you explain in more detail. In the above scenario, signatures must cover those specific bytes in order to verify that you're running the correct ssh key verification code. Then, to extrapolate, you need to have signatures for all code and some data on your system. While I would agree that signatures for everything is ideal, all other things being equal, I don't think that's what the OP had in mind. Also, if this kind of threat were worth considering, why doesn't LUKS address this? It would seem fairly easy (add some HMACs in the blocks). Did they just fail to address some huge security concern? [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 490 bytes --] ^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: Keyfile Support for GRUBs LUKS 2013-11-20 7:02 ` Glenn Washburn @ 2013-11-20 7:36 ` Vladimir 'φ-coder/phcoder' Serbinenko 2013-11-21 5:57 ` Glenn Washburn 2013-11-25 10:38 ` Darren J Moffat 0 siblings, 2 replies; 15+ messages in thread From: Vladimir 'φ-coder/phcoder' Serbinenko @ 2013-11-20 7:36 UTC (permalink / raw) To: grub-devel [-- Attachment #1: Type: text/plain, Size: 2205 bytes --] On 20.11.2013 08:02, Glenn Washburn wrote: > On Wed, 20 Nov 2013 06:48:40 +0100 > Vladimir 'φ-coder/phcoder' Serbinenko <phcoder@gmail.com> wrote: > >> On 20.11.2013 06:43, Glenn Washburn wrote: >>> Modifying the cipher text just >>> manifests as random data corruption of the plain text device, again >>> not a security issue and nothing that signatures would prevent. >> It's a security threat. Imagine you have somewhere a routine which >> verifies SSH-key when connecting by network. Replace it with random >> data. With some significant probability this decodes to valid opcodes >> but which do no check. Now everyone can use your SSH. >> encryption provides secrecy. Signatures provide verification. Using >> one to achieve the other will always fail. >> > > Let me see if I understand you. Suppose an attacker can modify the LUKS > containers cipher text and happens to know the exact block which > contains the routine for verifying the ssh key. This is determenistic. > The attacker then > writes some data to that block, which will then manifest as random > bytes once unencrypted. > > You're claiming that there's a more than insignificant probability that > this could cause the verification to not happen? And thus for anyone > to be able to log into the system via ssh? I hope you're not > suggesting that because it would be ludicrously improbable (try > executing data from /dev/random and see how far you get). It's not as low as you claim. You change only 16 bytes. And you don't need the resulting code to be doing anything useful, just not crash. In CBC modes this attack is even somewhat easier. Read http://www.cs.berkeley.edu/~daw/teaching/cs261-f12/misc/if.html > Also, if this kind of threat were worth considering, why doesn't LUKS > address this? It would seem fairly easy (add some HMACs in the blocks). It's not that easy. Trouble is that you need to also prevent inconsistent rollback and for this you need to have a hash tree. Then since power failure is a possibility you need this tree to be consistent at every moment. Those issues are a bit easier to handle on FS level. ZFS supports HMACs. BtrFS perhaps will one day. [-- Attachment #2: OpenPGP digital signature --] [-- Type: application/pgp-signature, Size: 291 bytes --] ^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: Keyfile Support for GRUBs LUKS 2013-11-20 7:36 ` Vladimir 'φ-coder/phcoder' Serbinenko @ 2013-11-21 5:57 ` Glenn Washburn 2013-11-25 10:38 ` Darren J Moffat 1 sibling, 0 replies; 15+ messages in thread From: Glenn Washburn @ 2013-11-21 5:57 UTC (permalink / raw) To: grub-devel [-- Attachment #1: Type: text/plain, Size: 3034 bytes --] On Wed, 20 Nov 2013 08:36:40 +0100 Vladimir 'φ-coder/phcoder' Serbinenko <phcoder@gmail.com> wrote: > On 20.11.2013 08:02, Glenn Washburn wrote: > > On Wed, 20 Nov 2013 06:48:40 +0100 > > Vladimir 'φ-coder/phcoder' Serbinenko <phcoder@gmail.com> wrote: > > > >> On 20.11.2013 06:43, Glenn Washburn wrote: > >>> Modifying the cipher text just > >>> manifests as random data corruption of the plain text device, > >>> again not a security issue and nothing that signatures would > >>> prevent. > >> It's a security threat. Imagine you have somewhere a routine which > >> verifies SSH-key when connecting by network. Replace it with random > >> data. With some significant probability this decodes to valid > >> opcodes but which do no check. Now everyone can use your SSH. > >> encryption provides secrecy. Signatures provide verification. Using > >> one to achieve the other will always fail. > >> > > > > Let me see if I understand you. Suppose an attacker can modify the > > LUKS containers cipher text and happens to know the exact block > > which contains the routine for verifying the ssh key. > This is determenistic. Are you suggesting that given a LUKS partition and no key material, it is a deterministic process to determine where the kernel is? Say you steal my laptop. Remember you can't actually read the kernel to boot because you can't decrypt the LUKS device. > > The attacker then > > writes some data to that block, which will then manifest as random > > bytes once unencrypted. > > > > You're claiming that there's a more than insignificant probability > > that this could cause the verification to not happen? And thus for > > anyone to be able to log into the system via ssh? I hope you're not > > suggesting that because it would be ludicrously improbable (try > > executing data from /dev/random and see how far you get). > It's not as low as you claim. You change only 16 bytes. And you don't > need the resulting code to be doing anything useful, just not crash. > In CBC modes this attack is even somewhat easier. > Read http://www.cs.berkeley.edu/~daw/teaching/cs261-f12/misc/if.html Very interesting reference. However, luckily, we don't have that situation. It would be highly improbable that an attacker can do cipher text modification and then see the results of that (even more improbable that it would be repeatable). > > Also, if this kind of threat were worth considering, why doesn't > > LUKS address this? It would seem fairly easy (add some HMACs in > > the blocks). > It's not that easy. Trouble is that you need to also prevent > inconsistent rollback and for this you need to have a hash tree. Then > since power failure is a possibility you need this tree to be > consistent at every moment. Those issues are a bit easier to handle > on FS level. ZFS supports HMACs. BtrFS perhaps will one day. > Why do you need rollbacks? That would seem to imply versioned block data. Thanks for the insightful response. [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 490 bytes --] ^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: Keyfile Support for GRUBs LUKS 2013-11-20 7:36 ` Vladimir 'φ-coder/phcoder' Serbinenko 2013-11-21 5:57 ` Glenn Washburn @ 2013-11-25 10:38 ` Darren J Moffat 1 sibling, 0 replies; 15+ messages in thread From: Darren J Moffat @ 2013-11-25 10:38 UTC (permalink / raw) To: The development of GNU GRUB Cc: Vladimir 'φ-coder/phcoder' Serbinenko On 11/20/13 07:36, Vladimir 'φ-coder/phcoder' Serbinenko wrote: > It's not that easy. Trouble is that you need to also prevent > inconsistent rollback and for this you need to have a hash tree. Then > since power failure is a possibility you need this tree to be consistent > at every moment. Those issues are a bit easier to handle on FS level. > ZFS supports HMACs. BtrFS perhaps will one day. Minor terminology nit: ZFS has a MAC not an HMAC. HMAC implies a hash based MAC such as HMAC-SHA256. ZFS uses AES-CCM or AES-GCM modes which are AEAD modes that produce an Auth/MAC tag. You could do an equivalent thing with AES-CBC or AES-XTS plus HMAC-SHA256 (the original ZFS crypto prototype was AES-CBC with HMAC-SHA256 but I switched to AES-CCM/GCM). -- Darren J Moffat ^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: Keyfile Support for GRUBs LUKS 2013-11-20 5:43 ` Glenn Washburn 2013-11-20 5:48 ` Vladimir 'φ-coder/phcoder' Serbinenko @ 2013-11-20 6:42 ` Elliott Mitchell 2013-11-20 6:52 ` Vladimir 'φ-coder/phcoder' Serbinenko 2013-11-20 21:08 ` Glenn Washburn 1 sibling, 2 replies; 15+ messages in thread From: Elliott Mitchell @ 2013-11-20 6:42 UTC (permalink / raw) To: The development of GNU GRUB On Tue, Nov 19, 2013 at 11:43:12PM -0600, Glenn Washburn wrote: > On Tue, 19 Nov 2013 17:55:40 -0800 > Elliott Mitchell <ehem+grub@m5p.com> wrote: > > > On Tue, Nov 19, 2013 at 07:31:35PM -0600, Glenn Washburn wrote: > > > I've had this setup ever since grub had LUKS support, except for the > > > signature checking. I don't really see the point of checking > > > signatures if the kernel and initrd are encrypted. > > > > You're setting yourself up for a *lot* of pain then. In places where > > security is important, *always* check signatures. Utilizing > > encryption without checking signatures leaves you *wide-open* to > > attacks! In a case like this, by observing whether the system > > continues or halts the attacker will be able to figuring out how the > > incoming stream was handled. While this may not allow them to figure > > out what the keys are, it will allow them to easily break in. > > > > Not checking signatures has repeatedly killed zillions of security > > products. If you worry about security, signatures are non-optional! > > I'm not exactly following you. Checking signatures is a way to verify > that certain data is what you expect it to be. Can you provide an > example of what you mean by "observing whether the system > continues or halts the attacker will be able to figuring out how the > incoming stream was handled"? Some of the portions at the start of the kernel are fixed. If I have knowledge of the architecture the kernel is for, I'll be able to recover parts of the cryptographic stream by XORing the known parts. The rest of the stream is harder to recover, but I could try changing individual bytes to all 256 values and observing which values cause the processor to halt where. From this I could come up with a map of what the byte in the kernel is and what the byte of the cryptographic stream is. The process would be slow, but it is entirely doable if someone is willing to spend the resources. Heck, even the known bytes may allow someone to inject enough code to break into the kernel at a later stage. Look for information on "single byte buffer overflows" for how systems have been successfully broken into merely by initially controlling 1 byte. > I'm not saying that signatures aren't useful for security. They are an > essential part of trusted computing. Would you care to elaborate how > in this specific instance signatures would make the system more secure? I'm unsure of what threats you're worried about, so you may in fact not need the signatures. I was mostly noting you were suggesting encrypting the kernel and initrd images would be enough to protect them. This is a major no-no in the general case (yours might not be the general case). > Let me be clear, my comment was based on the assumption (as stated by > the OP) that the USB stick was "trusted" and the threat model is of an > "evil maid" attack. Since the USB is trusted it needs no verification. I'm unsure what kind of threat you think the "evil maid" is. If the USB is trusted, why bother even encrypting it? For that matter, depending on your case, you may well have the keys on the USB stick itself, at which point those could be recovered. > Now verifying signatures of the code on the USB would certainly be > worthwhile if you didn't trust it. But again, they won't prevent a > determined attacker if the signature verification code is unencrypted > on the USB. Obviously untrusted code can't verify the trustworthiness > of other code/data. Thus, I previously stated "I'm not sure it'll buy > you much unless you're using it in combo with hardware/firmware". If one really wants to be absolutely 100% secure, yes you need firmware to verify everything. As such, this may well be outside the threat model you're concerned with. In the general case though merely encrypting is not enough. -- (\___(\___(\______ --=> 8-) EHM <=-- ______/)___/)___/) \BS ( | EHeM+sigmsg@m5p.com PGP 87145445 | ) / \_CS\ | _____ -O #include <stddisclaimer.h> O- _____ | / _/ 8A19\___\_|_/58D2 7E3D DDF4 7BA6 <-PGP-> 41D1 B375 37D0 8714\_|_/___/5445 ^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: Keyfile Support for GRUBs LUKS 2013-11-20 6:42 ` Elliott Mitchell @ 2013-11-20 6:52 ` Vladimir 'φ-coder/phcoder' Serbinenko 2013-11-20 21:08 ` Glenn Washburn 1 sibling, 0 replies; 15+ messages in thread From: Vladimir 'φ-coder/phcoder' Serbinenko @ 2013-11-20 6:52 UTC (permalink / raw) To: The development of GNU GRUB [-- Attachment #1: Type: text/plain, Size: 2469 bytes --] On 20.11.2013 07:42, Elliott Mitchell wrote: > On Tue, Nov 19, 2013 at 11:43:12PM -0600, Glenn Washburn wrote: >> On Tue, 19 Nov 2013 17:55:40 -0800 >> Elliott Mitchell <ehem+grub@m5p.com> wrote: >> >>> On Tue, Nov 19, 2013 at 07:31:35PM -0600, Glenn Washburn wrote: >>>> I've had this setup ever since grub had LUKS support, except for the >>>> signature checking. I don't really see the point of checking >>>> signatures if the kernel and initrd are encrypted. >>> >>> You're setting yourself up for a *lot* of pain then. In places where >>> security is important, *always* check signatures. Utilizing >>> encryption without checking signatures leaves you *wide-open* to >>> attacks! In a case like this, by observing whether the system >>> continues or halts the attacker will be able to figuring out how the >>> incoming stream was handled. While this may not allow them to figure >>> out what the keys are, it will allow them to easily break in. >>> >>> Not checking signatures has repeatedly killed zillions of security >>> products. If you worry about security, signatures are non-optional! >> >> I'm not exactly following you. Checking signatures is a way to verify >> that certain data is what you expect it to be. Can you provide an >> example of what you mean by "observing whether the system >> continues or halts the attacker will be able to figuring out how the >> incoming stream was handled"? > > Some of the portions at the start of the kernel are fixed. If I have > knowledge of the architecture the kernel is for, I'll be able to recover > parts of the cryptographic stream by XORing the known parts. The rest of > the stream is harder to recover, but I could try changing individual > bytes to all 256 values and observing which values cause the processor to > halt where. From this I could come up with a map of what the byte in the > kernel is and what the byte of the cryptographic stream is. The process > would be slow, but it is entirely doable if someone is willing to spend > the resources. > > Heck, even the known bytes may allow someone to inject enough code to > break into the kernel at a later stage. Look for information on "single > byte buffer overflows" for how systems have been successfully broken into > merely by initially controlling 1 byte. You assume here stream cipher or block cipher in CTR mode. Disks are encrypted in XTS mode (usually) or some CBC-variant. [-- Attachment #2: OpenPGP digital signature --] [-- Type: application/pgp-signature, Size: 291 bytes --] ^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: Keyfile Support for GRUBs LUKS 2013-11-20 6:42 ` Elliott Mitchell 2013-11-20 6:52 ` Vladimir 'φ-coder/phcoder' Serbinenko @ 2013-11-20 21:08 ` Glenn Washburn 1 sibling, 0 replies; 15+ messages in thread From: Glenn Washburn @ 2013-11-20 21:08 UTC (permalink / raw) To: grub-devel On Tue, 19 Nov 2013 22:42:27 -0800 Elliott Mitchell <ehem+grub@m5p.com> wrote: > On Tue, Nov 19, 2013 at 11:43:12PM -0600, Glenn Washburn wrote: > > On Tue, 19 Nov 2013 17:55:40 -0800 > > Elliott Mitchell <ehem+grub@m5p.com> wrote: > > > > > On Tue, Nov 19, 2013 at 07:31:35PM -0600, Glenn Washburn wrote: > > > > I've had this setup ever since grub had LUKS support, except > > > > for the signature checking. I don't really see the point of > > > > checking signatures if the kernel and initrd are encrypted. > > > > > > You're setting yourself up for a *lot* of pain then. In places > > > where security is important, *always* check signatures. Utilizing > > > encryption without checking signatures leaves you *wide-open* to > > > attacks! In a case like this, by observing whether the system > > > continues or halts the attacker will be able to figuring out how > > > the incoming stream was handled. While this may not allow them > > > to figure out what the keys are, it will allow them to easily > > > break in. > > > > > > Not checking signatures has repeatedly killed zillions of security > > > products. If you worry about security, signatures are > > > non-optional! > > > > I'm not exactly following you. Checking signatures is a way to > > verify that certain data is what you expect it to be. Can you > > provide an example of what you mean by "observing whether the system > > continues or halts the attacker will be able to figuring out how the > > incoming stream was handled"? > > Some of the portions at the start of the kernel are fixed. If I have > knowledge of the architecture the kernel is for, I'll be able to > recover parts of the cryptographic stream by XORing the known parts. > The rest of the stream is harder to recover, but I could try changing > individual bytes to all 256 values and observing which values cause > the processor to halt where. From this I could come up with a map of > what the byte in the kernel is and what the byte of the cryptographic > stream is. The process would be slow, but it is entirely doable if > someone is willing to spend the resources. > > Heck, even the known bytes may allow someone to inject enough code to > break into the kernel at a later stage. Look for information on > "single byte buffer overflows" for how systems have been successfully > broken into merely by initially controlling 1 byte. How do you know what block on disk the kernel is on? Without that you can't know that you have recovered the actual cipher stream. Also what you're suggesting assumes you can actually boot the device, which assumes you have access to the "trusted" USB stick _and_ you have a way to already decrypt the LUKS container to get the kernel. This means you already have access to the LUKS master key, but we assume that's what you're trying to get in the first place. So this doesn't work. > > I'm not saying that signatures aren't useful for security. They > > are an essential part of trusted computing. Would you care to > > elaborate how in this specific instance signatures would make the > > system more secure? > > I'm unsure of what threats you're worried about, so you may in fact > not need the signatures. I was mostly noting you were suggesting > encrypting the kernel and initrd images would be enough to protect > them. This is a major no-no in the general case (yours might not be > the general case). I was suggesting that signatures don't buy you much assuming you have a "trusted" USB _and_ kernel+initrd on the LUKS container. What's a scenario where this would matter. The one above is circular, so doesn't work. > > Let me be clear, my comment was based on the assumption (as stated > > by the OP) that the USB stick was "trusted" and the threat model is > > of an "evil maid" attack. Since the USB is trusted it needs no > > verification. > > I'm unsure what kind of threat you think the "evil maid" is. If the > USB is trusted, why bother even encrypting it? For that matter, > depending on your case, you may well have the keys on the USB stick > itself, at which point those could be recovered. The "evil maid" attack is one where an attacker has physical access to your computer. It could include physical access to the USB stick in this scenario, however the OP clearly stated "the USB stick can be considered as "trusted environment"". Thus we would limit are discussion to physical access to the full disk encrypted computer. No one as said anything about encrypting the USB. Where do you see that being discussed? Since the USB is "trusted", I take that to mean that it is not modifiable by an attacker, but in this case it makes sense to assume that its not readable either. So I assume only I have access to my USB stick. The scenario is a USB stick which boot to Grub. Grub then reads the kernel+initrd from the LUKS partition after obtaining key material (password or keyfile). > > Now verifying signatures of the code on the USB would certainly be > > worthwhile if you didn't trust it. But again, they won't prevent a > > determined attacker if the signature verification code is > > unencrypted on the USB. Obviously untrusted code can't verify the > > trustworthiness of other code/data. Thus, I previously stated "I'm > > not sure it'll buy you much unless you're using it in combo with > > hardware/firmware". > > If one really wants to be absolutely 100% secure, yes you need > firmware to verify everything. As such, this may well be outside the > threat model you're concerned with. In the general case though > merely encrypting is not enough. Firmware doesn't even give you 100%. Firmware can be flashed and there is known malware which actually embeds malicious code in firmware that it flashes. Even hardware isn't 100%. How do we know that an entity with enough power and interest hasn't made some backdoor in the Trusted Computing environment? But yes, it takes the game to a whole new level and much harder to pull off. ^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: Keyfile Support for GRUBs LUKS 2013-11-19 23:43 Keyfile Support for GRUBs LUKS Ralf Ramsauer 2013-11-20 1:31 ` Glenn Washburn @ 2013-11-21 15:31 ` Vladimir 'phcoder' Serbinenko 2013-11-21 19:34 ` Ralf Ramsauer 1 sibling, 1 reply; 15+ messages in thread From: Vladimir 'phcoder' Serbinenko @ 2013-11-21 15:31 UTC (permalink / raw) To: The development of GNU GRUB [-- Attachment #1: Type: text/plain, Size: 2110 bytes --] Why do you need offset and size options? keyfile option should be repeteable. The whole array would be passed down and file would be opened instead before reading password and concatebated with it unless --no-password was specified as well. If you have remaining questions feel free to ask here or on IRC. On Nov 20, 2013 12:43 AM, "Ralf Ramsauer" <ralf+grub@ramses-pyramidenbau.de> wrote: > Hi, > > yesterday I realised, that GRUB is already supporting LUKS and even > simple DSA signature checking. > > I was thinking about the following setup: > - fully encrypted harddisk (LUKS) (incl. rootfs). > - no bootloader on harddisk > - kernel + initrd inside encrypted partition > - optionally: signatures of the kernel + initrd > > For "trusted" booting, I thought about an USB stick, that just includes > GRUB, a public key for verification and a keyfile for LUKS. > Using that setup, no password input would be required during boot. The > USB stick can be considered as "trusted environment". > > Unfortunately, GRUB doesn't support keyfile for Luks up to now. As I'm > quite familiar with dm-crypt and LUKS I tried to implement the keyfile > feature to GRUB. > After spending several hours trying to get a deeper insight into the > GRUB internas I finally resigned, as I was missing documentation on > several things... > > I was very confused about the way how GRUB2 is handling its modules and > about the strategies how functions are exactly called. > The aim is to implement three additional options to cryptodisk.c resp. > luks.c: > -k keyfile [e.g. (hd2,msdos3)/mysecretkey] > -o keyfile offset [optional, default: 0] > -s keyfile size [optional, default: keyfilesize] > > Using LUKS, a keyfile can simply be treated like a passphrase, which > basically is already implemented. > > I would appreciate, if perhaps someone of you could help me with this > issue. > > Thanks in advance! > Ralf > > -- > Ralf Ramsauer > > PGP: 0x8F10049B > > > _______________________________________________ > Grub-devel mailing list > Grub-devel@gnu.org > https://lists.gnu.org/mailman/listinfo/grub-devel > [-- Attachment #2: Type: text/html, Size: 2666 bytes --] ^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: Keyfile Support for GRUBs LUKS 2013-11-21 15:31 ` Vladimir 'phcoder' Serbinenko @ 2013-11-21 19:34 ` Ralf Ramsauer 2013-11-22 3:01 ` Vladimir 'φ-coder/phcoder' Serbinenko 0 siblings, 1 reply; 15+ messages in thread From: Ralf Ramsauer @ 2013-11-21 19:34 UTC (permalink / raw) To: grub-devel [-- Attachment #1: Type: text/plain, Size: 3269 bytes --] On 11/21/13 16:31, Vladimir 'phcoder' Serbinenko wrote: > > Why do you need offset and size options? keyfile option should be > repeteable. The whole array would be passed down and file would be > opened instead before reading password and concatebated with it unless > --no-password was specified as well. If you have remaining questions > feel free to ask here or on IRC. > See man 8 cryptsetup: / --keyfile-offset value// // Skip value bytes at the beginning of the key file. Works with all commands that accepts key files.// // // --keyfile-size, -l value// // Read a maximum of value bytes from the key file. Default is to read the whole file up to the compiled-in maximum that can be queried with --help. Supplying more data than the compiled-in maximum aborts the operation.// // // This option is useful to cut trailing newlines, for example. If --keyfile-offset is also given, the size count starts after the offset. Works with all commands that accepts key files./ > On Nov 20, 2013 12:43 AM, "Ralf Ramsauer" > <ralf+grub@ramses-pyramidenbau.de > <mailto:ralf%2Bgrub@ramses-pyramidenbau.de>> wrote: > > Hi, > > yesterday I realised, that GRUB is already supporting LUKS and even > simple DSA signature checking. > > I was thinking about the following setup: > - fully encrypted harddisk (LUKS) (incl. rootfs). > - no bootloader on harddisk > - kernel + initrd inside encrypted partition > - optionally: signatures of the kernel + initrd > > For "trusted" booting, I thought about an USB stick, that just > includes > GRUB, a public key for verification and a keyfile for LUKS. > Using that setup, no password input would be required during boot. The > USB stick can be considered as "trusted environment". > > Unfortunately, GRUB doesn't support keyfile for Luks up to now. As I'm > quite familiar with dm-crypt and LUKS I tried to implement the keyfile > feature to GRUB. > After spending several hours trying to get a deeper insight into the > GRUB internas I finally resigned, as I was missing documentation on > several things... > > I was very confused about the way how GRUB2 is handling its > modules and > about the strategies how functions are exactly called. > The aim is to implement three additional options to cryptodisk.c resp. > luks.c: > -k keyfile [e.g. (hd2,msdos3)/mysecretkey] > -o keyfile offset [optional, default: 0] > -s keyfile size [optional, default: keyfilesize] > > Using LUKS, a keyfile can simply be treated like a passphrase, which > basically is already implemented. > > I would appreciate, if perhaps someone of you could help me with > this issue. > > Thanks in advance! > Ralf > > -- > Ralf Ramsauer > > PGP: 0x8F10049B > > > _______________________________________________ > Grub-devel mailing list > Grub-devel@gnu.org <mailto:Grub-devel@gnu.org> > https://lists.gnu.org/mailman/listinfo/grub-devel > > > > _______________________________________________ > Grub-devel mailing list > Grub-devel@gnu.org > https://lists.gnu.org/mailman/listinfo/grub-devel -- Ralf Ramsauer PGP: 0x8F10049B [-- Attachment #2: Type: text/html, Size: 5568 bytes --] ^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: Keyfile Support for GRUBs LUKS 2013-11-21 19:34 ` Ralf Ramsauer @ 2013-11-22 3:01 ` Vladimir 'φ-coder/phcoder' Serbinenko 0 siblings, 0 replies; 15+ messages in thread From: Vladimir 'φ-coder/phcoder' Serbinenko @ 2013-11-22 3:01 UTC (permalink / raw) To: grub-devel [-- Attachment #1: Type: text/plain, Size: 1415 bytes --] On 21.11.2013 20:34, Ralf Ramsauer wrote: > On 11/21/13 16:31, Vladimir 'phcoder' Serbinenko wrote: >> >> Why do you need offset and size options? keyfile option should be >> repeteable. The whole array would be passed down and file would be >> opened instead before reading password and concatebated with it unless >> --no-password was specified as well. If you have remaining questions >> feel free to ask here or on IRC. >> > See man 8 cryptsetup: > / --keyfile-offset value// > // Skip value bytes at the beginning of the key file. > Works with all commands that accepts key files.// > // > // --keyfile-size, -l value// > // Read a maximum of value bytes from the key file. > Default is to read the whole file up to the compiled-in maximum that can > be queried with --help. Supplying more data than the compiled-in maximum > aborts the operation.// > // > // This option is useful to cut trailing newlines, for > example. If --keyfile-offset is also given, the size count starts after > the offset. Works with all commands that accepts key files./ > Cutting trailing newlines throuch such options is IMHO inelegant and would require more scripting than we currently have. Also those options result in ambiguous syntax if you have multiple keyfiles (like geli). I think it's better to skip those options, at least for now. [-- Attachment #2: OpenPGP digital signature --] [-- Type: application/pgp-signature, Size: 291 bytes --] ^ permalink raw reply [flat|nested] 15+ messages in thread
end of thread, other threads:[~2013-11-25 10:39 UTC | newest] Thread overview: 15+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2013-11-19 23:43 Keyfile Support for GRUBs LUKS Ralf Ramsauer 2013-11-20 1:31 ` Glenn Washburn 2013-11-20 1:55 ` Elliott Mitchell 2013-11-20 5:43 ` Glenn Washburn 2013-11-20 5:48 ` Vladimir 'φ-coder/phcoder' Serbinenko 2013-11-20 7:02 ` Glenn Washburn 2013-11-20 7:36 ` Vladimir 'φ-coder/phcoder' Serbinenko 2013-11-21 5:57 ` Glenn Washburn 2013-11-25 10:38 ` Darren J Moffat 2013-11-20 6:42 ` Elliott Mitchell 2013-11-20 6:52 ` Vladimir 'φ-coder/phcoder' Serbinenko 2013-11-20 21:08 ` Glenn Washburn 2013-11-21 15:31 ` Vladimir 'phcoder' Serbinenko 2013-11-21 19:34 ` Ralf Ramsauer 2013-11-22 3:01 ` Vladimir 'φ-coder/phcoder' Serbinenko
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).