From: Fruhwirth Clemens <clemens@endorphin.org>
To: Matt Mackall <mpm@selenic.com>
Cc: Christophe Saout <christophe@saout.de>,
linux-kernel <linux-kernel@vger.kernel.org>,
dm-crypt@saout.de, Alasdair G Kergon <agk@redhat.com>
Subject: Re: dm-crypt crypt_status reports key?
Date: Thu, 03 Feb 2005 15:18:20 +0100 [thread overview]
Message-ID: <1107440300.15236.58.camel@ghanima> (raw)
In-Reply-To: <20050203040542.GQ2493@waste.org>
[-- Attachment #1: Type: text/plain, Size: 2184 bytes --]
On Wed, 2005-02-02 at 20:05 -0800, Matt Mackall wrote:
> Dunno here, seems that having one tool that gave the kernel a key named
> "foo" and then telling dm-crypt to use key "foo" is probably not a bad
> way to go. Then we don't have stuff like "echo <key> | dmsetup create"
> and the like and the key-handling smarts can all be put in one
> separate place.
>
> Getting from here to there might be interesting though. Perhaps we can
> teach dm-crypt to understand keys of the form "keyname:<foo>"? in
> addition to raw keys to keep compatibility. Might even be possible to
> push this down into crypt_decode_key() (or a smarter variant of same).
Way too complicated. This is a crypto project, why does nobody think of
crypto to solve the problem :). Here's the idea:
Keys are handed to dm-crypt regularly the first time. But when dm-crypt
hands keys back to user space, it uses some sort of blinding to make the
keys meaningless for user space.
That can easily be done by generating a kernel internal secret after
boot, and then before handing out the keys to user space, XOR-ing the
kernel secret into the key. When these keys are handed back from user
space to the kernel, the process is reversed.
That's an effective blinding mechanism. The kernel has to remember
nothing but a single secret. No special out-of-band setup of "keyname:"
tokens, no additional management for these tokens and blinded key
becomes useless after reboot.
Of course, the blinded keys need to be distinguished from regular keys.
I propose to prepend "!" to the keys handed back to the user space, so
we have "!<hex..key>", and add a simple conditional post processing to
crypt_decode_key.
Of course, one can use encryption instead of XOR-ing with the kernel
secret as blinding mechanism, as the kernel secret can easily be
recovered by setting up a all-zero key. But the main intend of this
approach is to protect against incompetent roots and user space
programs, so I think this XOR OTP is sufficient, and further, trivially
to implement. (Actually it's a Multi Time Pad.)
--
Fruhwirth Clemens <clemens@endorphin.org> http://clemens.endorphin.org
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
next prev parent reply other threads:[~2005-02-03 14:19 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-02-02 21:19 dm-crypt crypt_status reports key? Matt Mackall
2005-02-02 23:50 ` Alasdair G Kergon
2005-02-03 1:00 ` Matt Mackall
2005-02-03 21:53 ` Pavel Machek
2005-02-03 1:33 ` Christophe Saout
2005-02-03 1:52 ` Matt Mackall
2005-02-03 2:34 ` Christophe Saout
2005-02-03 4:05 ` Matt Mackall
2005-02-03 13:07 ` Christophe Saout
2005-02-03 14:18 ` Fruhwirth Clemens [this message]
2005-02-03 10:15 ` Christopher Warner
2005-02-03 15:17 ` Fruhwirth Clemens
2005-02-03 14:47 ` Andries Brouwer
2005-02-03 15:00 ` Fruhwirth Clemens
2005-02-04 13:27 ` [dm-crypt] " Fruhwirth Clemens
2005-02-04 14:03 ` Christophe Saout
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1107440300.15236.58.camel@ghanima \
--to=clemens@endorphin.org \
--cc=agk@redhat.com \
--cc=christophe@saout.de \
--cc=dm-crypt@saout.de \
--cc=linux-kernel@vger.kernel.org \
--cc=mpm@selenic.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox