| 1 |
On 06/06/2020 19:51, Rich Freeman wrote: |
| 2 |
> If you're talking about the drive header that is actually written to |
| 3 |
> disk, it is as secure as the entire drive is, since the drive contains |
| 4 |
> the header. |
| 5 |
|
| 6 |
I never said it was any less secure. It would be daft to even assume |
| 7 |
something like that as it's de facto the door to the encrypted data. |
| 8 |
|
| 9 |
The point I was making is simply that it increases the risk of data |
| 10 |
breach when a password is used, especially if (one of) the password(s) |
| 11 |
has been or is subsequently compromised. After all, it's difficult to |
| 12 |
remember passwords that are long enough and have high entropy. There are |
| 13 |
also the practicals inconveniences of having to type a long password. |
| 14 |
|
| 15 |
On 06/06/2020 19:51, Rich Freeman wrote: |
| 16 |
> If the password can be brute-forced then the encryption is worthless. |
| 17 |
> ... |
| 18 |
> If you're using LUKS the security of the system is only as secure as |
| 19 |
> your password(s). LUKS uses a random key to encrypt the drive, and it |
| 20 |
> applies many rounds of encryption to your password to protect the |
| 21 |
> session key. That will greatly slow down a brute force attack. |
| 22 |
> However, if your encryption key is "12345" then a brute force attack |
| 23 |
> is likely to succeed. |
| 24 |
|
| 25 |
Hence my previous point on ensuring a strong password. |
| 26 |
|
| 27 |
On 06/06/2020 19:51, Rich Freeman wrote: |
| 28 |
> Sure, if the attacker has a copy of the header they can spend as much |
| 29 |
> time as they wish brute-forcing it. However, the same is true if they |
| 30 |
> have the entire disk, and that is precisely the scenario we're trying |
| 31 |
> to guard against. |
| 32 |
|
| 33 |
Not true. A key file stored outside the header is arguably way more |
| 34 |
secure than a password - there's no longer a single point of failure. |
| 35 |
Then there is also the option of having a detached LUKS header that is |
| 36 |
never written to the block device in the first place which effectively |
| 37 |
leaves the adversary with a stolen brick. |
| 38 |
|
| 39 |
Are any of the "more secure" setups inconvenient to use? Sure. And I |
| 40 |
doubt the average person would be that paranoid to use a detached |
| 41 |
header, which by itself introduces a whole lot of issues like how do you |
| 42 |
store the header itself securely. I was merely emphasising the fact that |
| 43 |
when using a password, having the facility to change the password can |
| 44 |
give a false sense of security in a select number of cases, especially |
| 45 |
if the password being used prioritises memorability over sophistication, |
| 46 |
often leading to low entropy, and that this is particularly problematic |
| 47 |
for leaked passwords as brute-forcing high entropy passwords is not |
| 48 |
feasible anyway as per your own words. |
| 49 |
|
| 50 |
Regards, |
| 51 |
Victor |
Archives