[Cryptography] Wrong uses of filesystem encryption
Michael Kjörling
michael at kjorling.se
Mon Feb 2 10:52:51 EST 2015
On 31 Jan 2015 13:03 +0100, from for-gmane at mutluit.com (U.Mutlu):
> Imagine this: you have the encrypted filesystem and the accompanying keyfile.
> Even if you don't know the owning user's system password, you still
> can make the encrypted filesystem readable by just mounting it on
> your own computer, and voila!
> So, there is IMO a big security problem with such auto-mount configurations.
So, if your threat model includes that, then don't use fully automated
encryption solutions.
The key to every security decision is to first decide what you are
trying to protect against, such that proper protective measures can be
taken. If in your threat model this scenario is likely, you have to
accept some loss of convenience if you want to protect against it.
It's either that, or enjoy the convenience while accepting the risk.
> ie. if the filesystem + keyfile, or the computer / HD / stick, gets
> stolen or seized.
> After all, for what other cases is encryption good at all? :-)
Encryption does you no good if the adversary has the ciphertext _and_
the key, or has the ciphertext and is able to recover the key,
especially if the algorithm is known or can be reverse engineered. Cue
movie DVD CSS DRM for just one example.
However, it does a lot of good against an adversary that _doesn't_
have access to both of those. Examples of which are:
* Properly done crypto, which actually uses a decent key not kept in
plaintext together with the ciphertext
* Offline (or otherwise separate) storage
The first will cover the case where you are actually using the data.
The second will cover cases like backups.
--
Michael Kjörling • https://michael.kjorling.se • michael at kjorling.se
OpenPGP B501AC6429EF4514 https://michael.kjorling.se/public-keys/pgp
“People who think they know everything really annoy
those of us who know we don’t.” (Bjarne Stroustrup)
More information about the cryptography
mailing list