On Mon, Sep 30, 2013 at 6:52 PM, Eric H. Christensen
<sparks@xxxxxxxxxxxxxxxxx> wrote:
> Proposed solution:
> LUKS provides four key slots to use for decrypting a partition. How about have one key slot that when used immediately implements a deletion of the encrypted partition (or at least the key record).
>
> Thoughts?
If the attacker has the encrypted data, the person knowing the
passphrase, know enough about LUKS to be able to unlock it, and enough
time to extract the passphrase from the victim, they also probably
have enough time to make a full copy of the encrypted partition.
Mirek
--
security mailing list
security@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/security
