From: Jan
Date: Tue, 4 Oct 2011 15:02:55 +0000 (UTC)
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] avoid keyloggers: enter password with mouse (virtual keyboard)

Arno Wagner writes:

> > On Wed, Apr 14, 2010 at 08:42:58PM +0200, Olivier Sessink wrote:
> > Arno Wagner wrote:
[...]
> Well, while I do not really think the virtual keyboard will help
> to a larger degree, it may still raise security a bit.
It raises security to the NECESSARY level in the following scenarios:

You have a fully encrypted system on your USB stick like privatix (see
http://www.mandalka.name/privatix/index.html.en ) and you are sitting in an
internet cafe. There's a hardware keylogger installed on the PC you use. You
lose your USB stick, maybe you even forget it in the internet cafe (this
happens)!

Or: You have a curious husband/roommate who knows you are using privatix to
stay private. He knows where you keep the USB stick. He installs a hardware
keylogger to get access to your data. Jealous husbands are common.

> In order to implement it, implement a virtual keyboard (e.g.
> using TK with Perl/Python) and have it give the passphrase
> to cryptsetup. Integrating a virtual keyboard into cryptsetup
> is really not the UNIX way and very bad software design, as it
> increases complexity significantly without need. The virtual
> keyboard should be a separate tool.

[In some later answer to that thread someone said cryptsetup could even read
from stdin.]

Unfortunately I'm not able to implement this, because I'm just a Windows user
who uses privatix for the sake of security. Nevertheless I believe it is quite
hard to get a virtual keyboard running at boot time with mouse support and
all.

I have a different proposal for the method to enter the password: On the
screen might appear a list of all letters etc. with a random number next to
it. This might look like this:

A 5
a 56
B 23
b 4
C 7
c 8
...

If the user wants to enter "B" for example, he would just type in 23. The
random numbers could be exchanged randomly after every letter that was
"typed". This way the hardware keylogger would get a bunch of numbers without
any meaning. If all letters don't fit on the screen, one could have something
like

LOWERCASE 85

By entering the random number 85 one would arrive at the table with the
lowercase letters. I think this could easily be implemented in cryptsetup as
an option to enter the password.
Unfortunately I'm not able to do that. Could the project perhaps set that as
one of its goals?

I'm grateful for answers,
Jan
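Here is an added Python model of the scheme Jan sketches above (not code from the thread or from cryptsetup; `IndirectEntry`, `simulate` and the seeded RNG are my own choices for a reproducible demo): every character gets a fresh, collision-free random number, the user types that number, and the whole table is reshuffled before the next keystroke, so a logger's record is only the numbers. The model also makes the limit explicit: it defeats a logger that records keystrokes only, while one that also captures the screen still sees the mapping.

```python
import random
import string

# Characters the on-screen table offers; constructed to cover a typical passphrase.
ALPHABET = string.ascii_letters + string.digits + string.punctuation

def make_table(rng, alphabet=ALPHABET, width=3):
    """One screen: a fresh, collision-free random code (1..999) next to every character."""
    codes = rng.sample(range(1, 10 ** width), len(alphabet))
    return dict(zip(codes, alphabet))

def render_table(table):
    """What the user sees, one 'char code' line per character as in Jan's sketch."""
    return "\n".join(f"{ch} {code}" for code, ch in sorted(table.items(), key=lambda kv: kv[1]))

class IndirectEntry:
    """Passphrase entry via random codes; the table is reshuffled after every keystroke."""

    def __init__(self, seed=None, alphabet=ALPHABET):
        self.rng = random.Random(seed)   # a seed is only for reproducible demos/tests
        self.alphabet = alphabet
        self.table = make_table(self.rng, alphabet)
        self.entered = []                # characters that reach cryptsetup
        self.keystrokes = []             # what a keystroke-only logger records

    def code_for(self, ch):
        """The number currently shown next to `ch` (the user reads this off the screen)."""
        for code, c in self.table.items():
            if c == ch:
                return code
        raise KeyError(f"{ch!r} is not on screen")

    def type_code(self, code):
        """User types the number next to the wanted character; the screen then changes."""
        if code not in self.table:
            raise ValueError(f"{code} is not on screen")
        self.keystrokes.append(code)
        self.entered.append(self.table[code])
        self.table = make_table(self.rng, self.alphabet)   # new codes before the next keystroke

    def passphrase(self):
        return "".join(self.entered)

def simulate(secret, seed=None):
    """Run one session; return (passphrase handed on, keystroke sequence a logger would see)."""
    session = IndirectEntry(seed)
    for ch in secret:
        session.type_code(session.code_for(ch))
    return session.passphrase(), session.keystrokes
```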