From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=+Uf/=KV=saout.de=dm-crypt-bounces@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-10.3 required=3.0 tests=BAYES_00,
	HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,MENTIONS_GIT_HOSTING,
	SPF_HELO_NONE,SPF_PASS,USER_AGENT_SANE_1 autolearn=ham autolearn_force=no
	version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 612BCC47088
	for <dm-crypt@archiver.kernel.org>; Wed, 26 May 2021 17:05:07 +0000 (UTC)
Received: from mail.server123.net (mail.server123.net [78.46.64.186])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id C049A613E6
	for <dm-crypt@archiver.kernel.org>; Wed, 26 May 2021 17:05:06 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org C049A613E6
Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=wagner.name
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=dm-crypt-bounces@saout.de
X-Virus-Scanned: amavisd-new at saout.de
Received-SPF: None (mailfrom) identity=mailfrom; client-ip=84.19.178.47; helo=v1.tansi.org; envelope-from=arno@wagner.name; receiver=<UNKNOWN> 
Received: from v1.tansi.org (mail.tansi.org [84.19.178.47])
	by mail.server123.net (Postfix) with ESMTP
	for <dm-crypt@saout.de>; Wed, 26 May 2021 19:02:06 +0200 (CEST)
Received: from gatewagner.dyndns.org (81-6-44-245.init7.net [81.6.44.245])
	by v1.tansi.org (Postfix) with ESMTPA id 8D69414018E
	for <dm-crypt@saout.de>; Wed, 26 May 2021 19:02:08 +0200 (CEST)
Received: by gatewagner.dyndns.org (Postfix, from userid 1000)
	id 40F4D17A267; Wed, 26 May 2021 19:02:06 +0200 (CEST)
Date: Wed, 26 May 2021 19:02:06 +0200
From: Arno Wagner <arno@wagner.name>
To: dm-crypt@saout.de
Message-ID: <20210526170206.GA19024@tansi.org>
Mail-Followup-To: dm-crypt@saout.de
References: <2040424248.1461349.1621943054284.ref@mail.yahoo.com>
 <2040424248.1461349.1621943054284@mail.yahoo.com>
 <5c8f59a4-bdb4-4ca5-bc09-3c8aa5274ceb@localhost>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <5c8f59a4-bdb4-4ca5-bc09-3c8aa5274ceb@localhost>
User-Agent: Mutt/1.10.1 (2018-07-13)
Message-ID-Hash: WTU5XSR2V4WSTR4KIIO7NXPCKFZIX4ME
X-Message-ID-Hash: WTU5XSR2V4WSTR4KIIO7NXPCKFZIX4ME
X-MailFrom: arno@wagner.name
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-dm-crypt.saout.de-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header
X-Mailman-Version: 3.3.2
Precedence: list
Subject: [dm-crypt] Re: Luks, use the double force! :)
List-Id: <dm-crypt.saout.de>
List-Help: <mailto:dm-crypt-request@saout.de?subject=help>
List-Post: <mailto:dm-crypt@saout.de>
List-Subscribe: <mailto:dm-crypt-join@saout.de>
List-Unsubscribe: <mailto:dm-crypt-leave@saout.de>
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

On Wed, May 26, 2021 at 08:00:32 CEST, Michael Kj=F6rling wrote:
> On 25 May 2021 11:44 +0000, from xxjacs@yahoo.com (JAC):
> > Once the option 2 password is entered, the system will decrypt
> > correctly but "covertly".
> > The partition will be presented containing a series of files and/or
> > directories that the user has previously wanted to incorporate and
> > present to whoever has tried to force him to reveal his data.
> > /.../
> > I suppose that I am not the first person who thinks about this
> > solution, but I leave it there, in case it is possible to implement
> > this second option (or password).
>=20
> No, you're not the first person to think about having something like
> this. In fact, it's covered in the LUKS FAQ, and has been for a while.
> <https://gitlab.com/cryptsetup/cryptsetup/-/wikis/FrequentlyAskedQuestion=
s>
>=20
> See in particular questions 5.2 "Is LUKS insecure? Everybody can see I
> have encrypted data!" and 5.18 "What about Plausible Deniability?".

If you have feedback, comments or questions for these (or other)
FAQ items, please let me know.

Arno

--=20
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno@wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato

If it's in the news, don't worry about it.  The very definition of=20
"news" is "something that hardly ever happens." -- Bruce Schneier
_______________________________________________
dm-crypt mailing list -- dm-crypt@saout.de
To unsubscribe send an email to dm-crypt-leave@saout.de