tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: cgd (encrypted disk) support in bootblocks (Was: summer of code - scrub feature)

Roland Dowdeswell wrote:
On 1237840674 seconds since the Beginning of the UNIX epoch
Jan Danielsson wrote:

The cgd parameters could probably even be passed by the boot loader
as kernel arguments.  Then this could even work with a generic kernel,
and be set up at install time.
   The cgd parameters contains a salt value. Is it possible to store
such arguments in a file separated from the kernel? It doesn't seem
feasible for the user to enter these values manually each boot.

Also, you want to be able to deal with some of the potential
complixity that can be expressed in the parameters file.  One of
the reasons that I specifically did not choose an on the disk format
was so that the file could be extended to do such things as exec'ing
external programs to fetch keys from a central key authority.  Or
talking to an arbitrary number of key servers, etc.

Now, granted, you will not be able to have the boot blocks do most
of the more interesting features that cgdconfig(8) can do because
you lack, well, a kernel, but you do want to at least be able to
accept multiple key generation blocks instead of just a single one.

Yes; I'd already given that some thought. My goal is to keep as much of cgdconfig's flexibility as possible. Although I don't immediately see any way to provide keys from different sources, I don't want to break the possibility to use N-factor keys, in case someone finds a way.

Hmm.. Thinking a little more about it, it's pretty trivial to get access to physically separated keys -- which the kernel could access early on. A trivial hardware hack using the serial port. One could keep one part of the key on the boot media (USB-stick, CD, or whatever), and the other on the dongle. 1) Send byte x to request key 2) dongle replies @ 9600 8n1. Well, first things first.

Kind regards,
Jan Danielsson

Attachment: signature.asc
Description: OpenPGP digital signature

Home | Main Index | Thread Index | Old Index