[Cryptography] randomness +- entropy

dan at geer.org
Wed Nov 13 15:41:21 EST 2013


Taking a single paragraph of a single note out of context,

> A machine with an encrypted hard drive has to be able to read
> and write sectors encrypted with an existing key before boot 
> can proceed.  IMO that means it either halts during boot and 
> the BIOS asks for someone to type in the passkey (the option 
> I'd prefer on a "secure" machine) or it has the key stored 
> unencrypted somewhere (obviously less secure but probably more 
> manageable).

This is not an altogether new problem in the sense that what to do
about boot-time versus security for the always-in-demand production
environment goes at least as far back (in my humble experience) as
the stash file for the key distribution center under Kerberos.

web.mit.edu/kerberos/krb5-devel/doc/basic/stash_file_def.html [*]

In other words, make and document a decision about which cost you'd
rather bear and get on with it.

--dan


[*] The stash file is a local copy of the master key that resides
in encrypted form on the KDC's local disk. The stash file is used
to authenticate the KDC to itself automatically before starting the
kadmind and krb5kdc daemons (e.g., as part of the machine's boot
sequence). The stash file, like the keytab file, is a potential
point-of-entry for a break-in and, if compromised, would allow
unrestricted access to the Kerberos database. If you choose to
install a stash file, it should be readable only by root, and should
exist only on the KDC's local disk. The file should not be part of
any backup of the machine, unless access to the backup data is
secured as tightly as access to the master password itself.

If you choose not to install a stash file, the KDC will prompt you
for the master key each time it starts up. This means that the KDC
will not be able to start automatically, such as after a system
reboot.
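The footnote's requirements for a stash file (a regular file on the KDC's local disk, owned by root, readable only by its owner) are simple enough to check mechanically. The following audit function is an added example, not part of the original post or of MIT Kerberos; it takes the stash path as a parameter because the default location varies by installation, and the `trusted_uids` parameter exists only so the self-check below can run against a constructed temporary file without root. The "missing" case corresponds to the second option in the footnote: the KDC will prompt for the master key at each start.

```python
import os
import stat
import tempfile


def audit_stash_file(path, trusted_uids=(0,)):
    """Return a list of findings for a Kerberos-style stash file at `path`.

    Checks the properties the MIT documentation asks for: present as a
    regular (non-symlink) file, owned by root, and with no group/other
    permission bits. An empty list means nothing was flagged.
    `trusted_uids` is an assumed helper parameter: root by default.
    """
    findings = []
    try:
        st = os.lstat(path)  # lstat so a symlink is reported, not followed
    except FileNotFoundError:
        # No stash: unattended start is impossible, the KDC will prompt.
        return ["missing: KDC will prompt for the master key at each start"]

    if stat.S_ISLNK(st.st_mode):
        findings.append("symlink: stash should be a regular file on local disk")
    elif not stat.S_ISREG(st.st_mode):
        findings.append("not a regular file")

    if st.st_uid not in trusted_uids:
        findings.append(f"owner uid {st.st_uid} is not root")

    perm = stat.S_IMODE(st.st_mode)
    if perm & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(f"mode {perm:04o} grants group/other access; expect 0600")

    return findings


def boot_policy(path, trusted_uids=(0,)):
    """Summarise which side of the trade-off a host is on.

    Returns 'unattended' when a correctly protected stash exists,
    'prompt' when no stash exists, and 'unattended-but-exposed' when a
    stash exists but fails the protection checks.
    """
    findings = audit_stash_file(path, trusted_uids)
    if not findings:
        return "unattended"
    if findings[0].startswith("missing"):
        return "prompt"
    return "unattended-but-exposed"


if __name__ == "__main__":
    # Constructed sample: a temporary file standing in for a stash file,
    # owned by the current user so the demo runs without root.
    with tempfile.TemporaryDirectory() as d:
        p = os.path.join(d, ".k5.EXAMPLE.COM")  # assumed example name
        with open(p, "wb") as f:
            f.write(b"constructed, not a real master key")
        os.chmod(p, 0o600)
        print(boot_policy(p, trusted_uids=(os.getuid(),)))  # unattended
        os.chmod(p, 0o644)
        print(audit_stash_file(p, trusted_uids=(os.getuid(),)))
        print(boot_policy(os.path.join(d, "absent"), (os.getuid(),)))  # prompt
```

Run it on the real stash path as root to get the findings list; an empty list means the file matches the footnote's requirements, while a "missing" result means the host is on the prompt-at-boot side of the decision the message describes.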


