[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Announce loop-AES-v3.0b file/swap crypto package

To: Jari Ruusu <jariruusu@xxxxxxxxxxxxxxxxxxxxx>
Subject: Re: Announce loop-AES-v3.0b file/swap crypto package
From: jerome etienne <jme@xxxxxxx>
Date: Thu, 20 Jan 2005 19:21:37 +0000
Cc: linux-crypto@xxxxxxxxxxxx
In-reply-to: <41EFF1E5.1D4F7CDE@users.sourceforge.net>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-id: <linux-crypto.nl.linux.org>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-software: Ecartis version 1.0.0
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
References: <41EAE36F.35354DDF@users.sourceforge.net> <41EB3E7E.7070100@tmr.com> <41EBD4D4.882B94D@users.sourceforge.net> <1105989298.14565.36.camel@ghanima> <20050117212647.GA3754@dantooine> <1106003492.17182.17.camel@ghanima> <41ECDBA9.8030005@off.net> <41ED2CF4.C6E4FC0B@users.sourceforge.net> <41EDB92F.9070001@off.net> <41EEF0A4.1030604@anu.edu.au> <41EF944E.2090701@off.net> <41EFF1E5.1D4F7CDE@users.sourceforge.net>
Sender: linux-crypto-bounce@xxxxxxxxxxxx
User-agent: Mozilla Thunderbird 0.7.3 (X11/20040803)

Jari Ruusu wrote:

To modify encrypted data on hard disk partition means that attacker has to
root the box first. If attacker successfully roots a box, it is "game over"
securitywise right there. Only sane option after that is reinstallation
and/or restore from known good backup.

well it is a valid argument if you assume the OS has been corrupted. Nevertheless this assumption isnt mandatory, here is a scenario where it doesnt apply: 1. a user encrypt a whole removable disk with loop-aes 2. he goes in a conference and leave it unattended in a room (bad practice but it happen) 3. an attacker gets it, insert chosen data in it and put it back 4. the user replugs the removable device

=> with the current loop-aes, the attack succeed
   o the modification goes undetected and the user uses attacker's data
     as if they were legitimate.
=> with a loop-aes patched with authentication, the attack fails
   o it is detected by the authentication and the user can act
     appropriatly

my point is to make people aware of the security limit offered by the tool they use. After, they can do the knowledgeable decision to use them or not, depending on their own requirements. Thus they dont loose/leak important informations because they were not aware of those limits.


-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

Follow-Ups:
- Re: Announce loop-AES-v3.0b file/swap crypto package
  - From: Jari Ruusu

References:
- Announce loop-AES-v3.0b file/swap crypto package
  - From: Jari Ruusu
- Re: Announce loop-AES-v3.0b file/swap crypto package
  - From: Bill Davidsen
- Re: Announce loop-AES-v3.0b file/swap crypto package
  - From: Jari Ruusu
- Re: Announce loop-AES-v3.0b file/swap crypto package
  - From: Fruhwirth Clemens
- Re: Announce loop-AES-v3.0b file/swap crypto package
  - From: markus reichelt
- Re: Announce loop-AES-v3.0b file/swap crypto package
  - From: Fruhwirth Clemens
- Re: Announce loop-AES-v3.0b file/swap crypto package
  - From: jerome etienne
- Re: Announce loop-AES-v3.0b file/swap crypto package
  - From: Jari Ruusu
- Re: Announce loop-AES-v3.0b file/swap crypto package
  - From: jerome etienne
- Re: Announce loop-AES-v3.0b file/swap crypto package
  - From: Paul Wayper
- Re: Announce loop-AES-v3.0b file/swap crypto package
  - From: jerome etienne
- Re: Announce loop-AES-v3.0b file/swap crypto package
  - From: Jari Ruusu

Prev by Date: Re: Announce loop-AES-v3.0b file/swap crypto package
Next by Date: Re: Announce loop-AES-v3.0b file/swap crypto package
Previous by thread: Re: Announce loop-AES-v3.0b file/swap crypto package
Next by thread: Re: Announce loop-AES-v3.0b file/swap crypto package
Index(es):
- Date
- Thread