1 |
On 06/06/2020 19:51, Rich Freeman wrote: |
2 |
> If you're talking about the drive header that is actually written to |
3 |
> disk, it is as secure as the entire drive is, since the drive contains |
4 |
> the header. |
5 |
|
6 |
I never said it was any less secure. It would be daft to even assume |
7 |
something like that as it's de facto the door to the encrypted data. |
8 |
|
9 |
The point I was making is simply that it increases the risk of data |
10 |
breach when a password is used, especially if (one of) the password(s) |
11 |
has been or is subsequently compromised. After all, it's difficult to |
12 |
remember passwords that are long enough and have high entropy. There are |
13 |
also the practicals inconveniences of having to type a long password. |
14 |
|
15 |
On 06/06/2020 19:51, Rich Freeman wrote: |
16 |
> If the password can be brute-forced then the encryption is worthless. |
17 |
> ... |
18 |
> If you're using LUKS the security of the system is only as secure as |
19 |
> your password(s). LUKS uses a random key to encrypt the drive, and it |
20 |
> applies many rounds of encryption to your password to protect the |
21 |
> session key. That will greatly slow down a brute force attack. |
22 |
> However, if your encryption key is "12345" then a brute force attack |
23 |
> is likely to succeed. |
24 |
|
25 |
Hence my previous point on ensuring a strong password. |
26 |
|
27 |
On 06/06/2020 19:51, Rich Freeman wrote: |
28 |
> Sure, if the attacker has a copy of the header they can spend as much |
29 |
> time as they wish brute-forcing it. However, the same is true if they |
30 |
> have the entire disk, and that is precisely the scenario we're trying |
31 |
> to guard against. |
32 |
|
33 |
Not true. A key file stored outside the header is arguably way more |
34 |
secure than a password - there's no longer a single point of failure. |
35 |
Then there is also the option of having a detached LUKS header that is |
36 |
never written to the block device in the first place which effectively |
37 |
leaves the adversary with a stolen brick. |
38 |
|
39 |
Are any of the "more secure" setups inconvenient to use? Sure. And I |
40 |
doubt the average person would be that paranoid to use a detached |
41 |
header, which by itself introduces a whole lot of issues like how do you |
42 |
store the header itself securely. I was merely emphasising the fact that |
43 |
when using a password, having the facility to change the password can |
44 |
give a false sense of security in a select number of cases, especially |
45 |
if the password being used prioritises memorability over sophistication, |
46 |
often leading to low entropy, and that this is particularly problematic |
47 |
for leaked passwords as brute-forcing high entropy passwords is not |
48 |
feasible anyway as per your own words. |
49 |
|
50 |
Regards, |
51 |
Victor |