Plain dm-crypt

Plain dm-crypt

[christopher.toews]

Hello;
I apologize if this question has already been asked. A web search didn't 
turn anything up. Are there any plans to include plain dm-crypt support 
in a future version of grub?

Thank you.
Chris

Re: Plain dm-crypt

[Vladimir 'phcoder' Serbinenko]

[-- Attachment #1: Type: text/plain, Size: 641 bytes --]

There are patches for it but they will not be integrated as plain dm-crypt
has no advantages compared to LUKS and cannot be configured reliably when
device names change as they have no UUID
Le 27 oct. 2015 8:20 AM, <christopher.toews@riseup.net> a écrit :

> Hello;
> I apologize if this question has already been asked. A web search didn't
> turn anything up. Are there any plans to include plain dm-crypt support in
> a future version of grub?
>
> Thank you.
> Chris
>
> _______________________________________________
> Grub-devel mailing list
> Grub-devel@gnu.org
> https://lists.gnu.org/mailman/listinfo/grub-devel
>

[-- Attachment #2: Type: text/html, Size: 1052 bytes --]

Re: Plain dm-crypt

[Andrei Borzenkov]

On Tue, Oct 27, 2015 at 2:10 PM, Vladimir 'phcoder' Serbinenko
<phcoder@gmail.com> wrote:
> There are patches for it but they will not be integrated as plain dm-crypt
> has no advantages compared to LUKS and cannot be configured reliably when
> device names change as they have no UUID
>

Still there is real demand. If these patches can be made as
independent module, providing them as part of grub-extra makes sense.

> Le 27 oct. 2015 8:20 AM, <christopher.toews@riseup.net> a écrit :
>>
>> Hello;
>> I apologize if this question has already been asked. A web search didn't
>> turn anything up. Are there any plans to include plain dm-crypt support in a
>> future version of grub?
>>
>> Thank you.
>> Chris
>>
>> _______________________________________________
>> Grub-devel mailing list
>> Grub-devel@gnu.org
>> https://lists.gnu.org/mailman/listinfo/grub-devel
>
>
> _______________________________________________
> Grub-devel mailing list
> Grub-devel@gnu.org
> https://lists.gnu.org/mailman/listinfo/grub-devel
>

Re: Plain dm-crypt

[christopher.toews]

Actually, plain dm-crypt has one distinct advantage to LUKS, and that is 
one of plausible deniability. In some countries, you can be 
court-ordered to decrypt the contents of a device if it can be proven 
that encrypted contents exist. With LUKS, there is no denying it; with 
plain dm-crypt and its lack of an encryption header, the device could 
just as well have been overwritten with random data.

I boot my OS off of an encrypted thumb drive in libreboot using 
"cryptomount -a (usb0)", so UUIDs don't matter to me at all. I 
understand that for most users, this will not be the case, but I'm sure 
that there are enough of us out there who could really make use of this 
feature.

Also, for those like myself who want this feature for reasons of 
plausible deniabilty, patching it ourselves is not an option, as going 
to that length to include the feature would indicate that we are most 
likely using it, thus throwing plausible deniability out the window. In 
other words, to keep it plausible, it would have to be a stock feature 
across the board.

Chris

On 2015-10-27 11:10, Vladimir 'phcoder' Serbinenko wrote:
> There are patches for it but they will not be integrated as plain 
> dm-crypt
> has no advantages compared to LUKS and cannot be configured reliably 
> when
> device names change as they have no UUID
> Le 27 oct. 2015 8:20 AM, <christopher.toews@riseup.net> a écrit :
> 
>> Hello;
>> I apologize if this question has already been asked. A web search 
>> didn't
>> turn anything up. Are there any plans to include plain dm-crypt 
>> support in
>> a future version of grub?
>> 
>> Thank you.
>> Chris
>> 
>> _______________________________________________
>> Grub-devel mailing list
>> Grub-devel@gnu.org
>> https://lists.gnu.org/mailman/listinfo/grub-devel
>> 
> 
> _______________________________________________
> Grub-devel mailing list
> Grub-devel@gnu.org
> https://lists.gnu.org/mailman/listinfo/grub-devel

Re: Plain dm-crypt

[Vladimir 'phcoder' Serbinenko]

[-- Attachment #1: Type: text/plain, Size: 2407 bytes --]

On 29 Oct 2015 6:24 am, <christopher.toews@riseup.net> wrote:
>
> Actually, plain dm-crypt has one distinct advantage to LUKS, and that is
one of plausible deniability. In some countries, you can be court-ordered
to decrypt the contents of a device if it can be proven that encrypted
contents exist. With LUKS, there is no denying it; with plain dm-crypt and
its lack of an encryption header, the device could just as well have been
overwritten with random data.
>
> I boot my OS off of an encrypted thumb drive in libreboot using
"cryptomount -a (usb0)",
-a already means "all". Having to indicate usb0 manually is already a proof
that you have an unmarked cryptocontainer. Moreover this line exactly
illustrates my point: what is usb0 depends on other plugged device and even
his fast they are and may vary from boot to boot. I'm not quite convinced
you can deny this line plausibly
>so UUIDs don't matter to me at all. I understand that for most users, this
will not be the case, but I'm sure that there are enough of us out there
who could really make use of this feature.
>
> Also, for those like myself who want this feature for reasons of
plausible deniabilty, patching it ourselves is not an option, as going to
that length to include the feature would indicate that we are most likely
using it, thus throwing plausible deniability out the window. In other
words, to keep it plausible, it would have to be a stock feature across the
board.
>
> Chris
>
>
> On 2015-10-27 11:10, Vladimir 'phcoder' Serbinenko wrote:
>>
>> There are patches for it but they will not be integrated as plain
dm-crypt
>> has no advantages compared to LUKS and cannot be configured reliably when
>> device names change as they have no UUID
>> Le 27 oct. 2015 8:20 AM, <christopher.toews@riseup.net> a écrit :
>>
>>> Hello;
>>> I apologize if this question has already been asked. A web search didn't
>>> turn anything up. Are there any plans to include plain dm-crypt support
in
>>> a future version of grub?
>>>
>>> Thank you.
>>> Chris
>>>
>>> _______________________________________________
>>> Grub-devel mailing list
>>> Grub-devel@gnu.org
>>> https://lists.gnu.org/mailman/listinfo/grub-devel
>>>
>>
>> _______________________________________________
>> Grub-devel mailing list
>> Grub-devel@gnu.org
>> https://lists.gnu.org/mailman/listinfo/grub-devel
>
>

[-- Attachment #2: Type: text/html, Size: 3163 bytes --]

Re: Plain dm-crypt

[christopher.toews]

On 2015-10-29 08:49, Vladimir 'phcoder' Serbinenko wrote:
> -a already means "all". Having to indicate usb0 manually is already a
> proof that you have an unmarked cryptocontainer. Moreover this line
> exactly illustrates my point: what is usb0 depends on other plugged
> device and even his fast they are and may vary from boot to boot. I'm
> not quite convinced you can deny this line plausibly

No, since I type the line in manually every time, it is not located 
anywhere for it to be discovered and need denying. I know my system very 
well. I know if I put one USB drive into a slot, it will be named 
(USB0). If I plug more than one USB drive into the system, I know what 
they will be named based on their physical locations.

Look, you can't presume to know my setup better than I do and then try 
to convince me that I don't require this feature. I understand if it 
won't be included, but don't hold it out because you think people are 
too stupid to know how to use it, or worse, because you think people are 
too stupid to know that they don't need it. There are people who want 
this feature for good reasons and have the know-how to be able to 
utilize it. Why can't you just accept that?

Chris

>> 
>> 
>> On 2015-10-27 11:10, Vladimir 'phcoder' Serbinenko wrote:
>>> 
>>> There are patches for it but they will not be integrated as plain
> dm-crypt
>>> has no advantages compared to LUKS and cannot be configured
> reliably when
>>> device names change as they have no UUID
>>> Le 27 oct. 2015 8:20 AM, <christopher.toews@riseup.net> a écrit :
>>> 
>>>> Hello;
>>>> I apologize if this question has already been asked. A web search
> didn't
>>>> turn anything up. Are there any plans to include plain dm-crypt
> support in
>>>> a future version of grub?
>>>> 
>>>> Thank you.
>>>> Chris
>>>> 
>>>> _______________________________________________
>>>> Grub-devel mailing list
>>>> Grub-devel@gnu.org
>>>> https://lists.gnu.org/mailman/listinfo/grub-devel
>>>> 
>>> 
>>> _______________________________________________
>>> Grub-devel mailing list
>>> Grub-devel@gnu.org
>>> https://lists.gnu.org/mailman/listinfo/grub-devel
>> 
>> 
> 
> _______________________________________________
> Grub-devel mailing list
> Grub-devel@gnu.org
> https://lists.gnu.org/mailman/listinfo/grub-devel

Re: Plain dm-crypt

[Daniel Kahn Gillmor]

On Thu 2015-10-29 13:46:42 -0400, christopher.toews@riseup.net wrote:
> No, since I type the line in manually every time, it is not located 
> anywhere for it to be discovered and need denying. I know my system very 
> well. I know if I put one USB drive into a slot, it will be named 
> (USB0). If I plug more than one USB drive into the system, I know what 
> they will be named based on their physical locations.

"Deniable" crypto seems like it would have very limited utility [0], but
there could still be some marginal use cases for it (for people who
aren't Christopher Toews, anyway: Chris has already admitted publicly on
this list to using encryption on his high-entropy devices, so he can't
deny it any longer).

If the patchset is small/simple (i haven't seen a pointer to the patches
-- can someone supply a link?), and it doesn't introduce any troubling
UI/UX issues, providing the feature in grub doesn't seem like a terrible
idea.

The other use case that Chris hasn't mentioned is that there may be
people who don't trust LUKS to adequately protect the master dm-crypt
key for their volume.  I'm unaware of any legitimate reason to distrust
the cryptography in the LUKS header itself, but i also haven't thought
deeply about attacking it either.

> Look, you can't presume to know my setup better than I do and then try 
> to convince me that I don't require this feature. I understand if it 
> won't be included, but don't hold it out because you think people are 
> too stupid to know how to use it, or worse, because you think people are 
> too stupid to know that they don't need it. There are people who want 
> this feature for good reasons and have the know-how to be able to 
> utilize it. Why can't you just accept that?

I suspect that Vladimir isn't resistant because he thinks people are
stupid.  he's probably resistant like any other responsible long-term
developer/maintainer of crucial infrastructure.  more features == more
support == more bugs, so conservatism on adding features is healthy, and
it's not surprising that he is looking for a more concrete example of
how it might get used.

That said, it's tough to to provide a more concrete use case than the
one descirbed by Chris here.  In particular, this is a feature whose
users will generally not admit to being users (since admitting to being
a user is to lose its benefit).  So i appreciate Chris being willing to
out himself here in service of others who might like to have something
that looks deniable.

(fwiw, i'd really like it if all hard drives shipped from the
manufacturer full of high-entropy noise by default.  That would provide
people like the users Chris is advocating for with much more convincing
cover)

  --dkg

[0] https://www.debian-administration.org/users/dkg/weblog/104 discusses
    deniability for chat, but similar analysis probably applies to
    encrypted volumes.

Re: Plain dm-crypt

[Vladimir 'φ-coder/phcoder' Serbinenko]

[-- Attachment #1: Type: text/plain, Size: 1433 bytes --]

On 27.10.2015 12:15, Andrei Borzenkov wrote:
> On Tue, Oct 27, 2015 at 2:10 PM, Vladimir 'phcoder' Serbinenko
> <phcoder@gmail.com> wrote:
>> There are patches for it but they will not be integrated as plain dm-crypt
>> has no advantages compared to LUKS and cannot be configured reliably when
>> device names change as they have no UUID
>>
> 
> Still there is real demand. If these patches can be made as
> independent module, providing them as part of grub-extra makes sense.
> 
I think it makes sense to include them in main repository but it should
be a separate module and not pollute cryptomount command.
>> Le 27 oct. 2015 8:20 AM, <christopher.toews@riseup.net> a écrit :
>>>
>>> Hello;
>>> I apologize if this question has already been asked. A web search didn't
>>> turn anything up. Are there any plans to include plain dm-crypt support in a
>>> future version of grub?
>>>
>>> Thank you.
>>> Chris
>>>
>>> _______________________________________________
>>> Grub-devel mailing list
>>> Grub-devel@gnu.org
>>> https://lists.gnu.org/mailman/listinfo/grub-devel
>>
>>
>> _______________________________________________
>> Grub-devel mailing list
>> Grub-devel@gnu.org
>> https://lists.gnu.org/mailman/listinfo/grub-devel
>>
> 
> _______________________________________________
> Grub-devel mailing list
> Grub-devel@gnu.org
> https://lists.gnu.org/mailman/listinfo/grub-devel
> 



[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 213 bytes --]