From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from das-labor.org (das-labor.org [188.40.89.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.server123.net (Postfix) with ESMTPS for ; Fri, 5 Feb 2016 14:49:49 +0100 (CET) Message-ID: <1454680178.7077.4.camel@das-labor.org> From: Zaolin Date: Fri, 05 Feb 2016 14:49:38 +0100 In-Reply-To: <20160205133123.GA31320@das-labor.org> References: <56B20C05.7080307@gmail.com> <1454603376.4241.5.camel@debian.org> <20160204171753.GA20874@tansi.org> <1454653850.3573.2.camel@debian.org> <20160205110232.GD29709@tansi.org> <1454678001.21086.24.camel@debian.org> <20160205133123.GA31320@das-labor.org> Content-Type: multipart/signed; micalg="pgp-sha384"; protocol="application/pgp-signature"; boundary="=-zQMCgpv1U8iKlSrFeG4o" Mime-Version: 1.0 Subject: Re: [dm-crypt] The future of disk encryption with LUKS2 List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Arno Wagner , dm-crypt@saout.de --=-zQMCgpv1U8iKlSrFeG4o Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi, > On Fri, Feb 05, 2016 at 14:13:21 CET, Yves-Alexis Perez wrote: > > On ven., 2016-02-05 at 12:02 +0100, Arno Wagner wrote: > > > > Think external drives / removable storage? > > >=20 > > > An attacker with physical access that you do not notice has=C2=A0 > > > won. Storage encryption does not protect here. Think, for=C2=A0 > > > example, "evil maid" type attacks. Storage encryption > > > is only for theft of the device (which you notice) or=C2=A0 > > > attacker access which you notice in other ways. > >=20 > > This is exactly why integrity matters? The point is to have an usb > > drive / > > external disk *fully* encrypted.=C2=A0=C2=A0The decryption is done by t= he > > host > > (which is trusted).=C2=A0=C2=A0In that case, confidentiality and integr= ity > > are both > > important. >=20 > No. You are trying to solve the wrong problem. First, disk=C2=A0 > encryption with 1:1 mapping will never give you integrity=C2=A0 > protection and the other variants kill performance. I partially agree. What's about using GCM or CCM mode of operation for disk encryption ? ;) In order to solve the evil maid issue you need hardware security and a secure boot process. >=20 > And second, who says anything abot the "evil maid" changing > things in the encrypted container? That's correct. >=20 > Seriosuly, what you want you do not do with disk encryption,=C2=A0 > but with PGP/GnuPG on file-level. >=20 > Regards, > Arno=C2=A0 Regards Zaolin --=-zQMCgpv1U8iKlSrFeG4o Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAABCQAGBQJWtKhyAAoJED+68OfYFCerjJ4P/A0oteFEAZwQ1QUvFSV4AAVB Hbkzj6tpO8IThLpHwEqeAxXcyL40mRVEqcCi5+40L7lr5jb09eUC9T/E70i4ZDng vf9W1oXDLvFUuMRxdzq8ZZqzv5F2LoU702y5qCvQhQEfP4psXdwaaHFsvpUusMPU pEEFYTydixOv5BMDjJByZ8MGW/av7LF0DMqIBePisQvPqx9WV6PDkovg3sQ9oXrp tu3B8NubKzhRSm8NY3SLQJMvw1iyt3y3kXfi1Rtxe591TvwqCDYhHX54eXbVjSG+ 3Q+vL/3oNmiOQk7FuosSTlGoH1E1Sm+aaAQUAQuW9hnWsg2u1xUu5YFEoaYepMpI Lu0rrkpQVLsNOmxdR/MqI/BxC4X4MCga90sexGRIN/E3GoIFr7GMGGJ0GXNnm9Mx pafm1kkfn+7fkSN9R/EY/CTkUpKEzd+fod5VCqkBGsR/ReZYF4YZCy/c0tQlEdh+ BKZOrM6KsQGEooG8eafg/rNV/DCi9k6QnUsXwCtt6ydIOfEPTuVIw+Yk3yVt5/QE 6U3/fk3jcAa+Aojz1MKB+HgfNXiDEhfA6gRV1Fim9RO7RFYlsRBLfFAK80P+s/qv R+v3qWXTqA/kSjbsskjOsQTfFoIx3BEmcJ8Vg/r2AkCPAXMb6b8pYNH6F79/5DX6 ZeeXhrkF/M+UI0kbnwwX =5U2W -----END PGP SIGNATURE----- --=-zQMCgpv1U8iKlSrFeG4o--