On 21.06.2007 11:55:46, coderman wrote: > On 6/21/07, Benjamin Schieder <blindcoder@xxxxxxxxxxxxxxxxxxxx> wrote: > >... > >Key management is an implementation detail and should be of no concern > >to ROCKate users. > > right. but this means more work for you (to manage loop-aes keys) as > luks makes things simple(r) already. :) Well, personally I'm for luks, unless there are reasons against it. I'm no cryptographer, so I have to look at people with the respective knowledge here. Apart from that, as developer of ROCKate I consider it my job to make stuff as accessible as possible without compromising security. This goes for a preconfigured FireFox as it goes for filesystem encryption. > >> 1. cryptoloop, dm-crypt, bestcrypt, truecrypt, and loop-aes - Why > >> cryptoloop should not be used. > >> http://mareichelt.de/pub/texts.cryptoloop.php > > > >Last update is over a year old. Which parts do apply to todays kernel? > > all of the statements are current for the most part. the author > updated relevant sections to name versions where the watermarking / > plain-text attack issues were fixed in truecrypt / dm-crypt. > > dm-crypt still exposes more information than is desired during partial > block updates. (change the last bit in a loop-aes 512byte block and > you get a new block. dm-crypt just updates the last cipher block > sized portion at the end of the 512 block - 16 bytes) > > overall, any of them are a pretty good choice. the crypto will be the > last thing an adversary tries to attack here, so your key management > and user clue will be the crux. So far, I've seen three ways of doing filesystem encryption: 1) simply enter a passphrase, it gets hashed to a key one-way-or-another (hashalot, luks) 2) create the dm-crypt table, encrypt it with a gpg key. on reboot, request gpg key passphrase, pipe the table back to dm-setup 3) let the user select a cipher and then enter a passphrase (may be combined with 1, seen with loop-aes 4) Let the user do it manually These are listed in decreasing convenience. Since running `dmsetup table' still gives the required line to decrypt the block device and LiveCDs generally do not have a secure `root' account, running `dmsetup remove my_tor_home' after mount should be obvious. (Yes, one can still read it through other means, but hey, don't make it too easy) > key scrubbing and robust key schedule (less data is encrypted per key > than the others) for loop-aes multi-v3 may provide a useful benefit > depending on your needs... The need is a Tor LiveCD. Greetings, Benjamin -- Benjamin 'blindCoder' Schieder Registered Linux User #289529: http://counter.li.org finger blindcoder@xxxxxxxxxxxxxxxxxxxx | gpg --import -- /lusr/bin/brain: received signal: SIGIDIOT
Attachment:
pgpTI1LoqHJdv.pgp
Description: PGP signature