Peter_22@xxxxxx wrote: > > > 3. an attacker gets it, insert chosen data in it and put it > back > > Question: What do you insert where? My usb-stick is in my pocket, > my drive remains at home. You can break a door and enter. You can > steal and erase my whole drive - no doubt - 100% data loss. But > please tell me what do you want to insert, and where do you want > it? If attacker knows that you installed distro X, and that distro installer created /etc directory on your encrypted root partition at byte offset Y, and installer placed directory entry for file /etc/hosts.deny at byte offset offset Z, and if attacker has full physical acceess, then attacker can overwrite encrypted data at byte offset Z with random junk. When that random junk at byte offset Z is decrypted, the file name will decrypt to different random junk, which is not /etc/hosts.deny . Being able to rename tcp wrapper or firewall or some other important configuration file names does have security impact. If encrypted data is also authenticated, then decrypt code is able to detect ciphertext tampering and output error message to kernel log and return I/O error for that tampered data block. Unfortunately file systems do not deal with I/O errors too well. ext3 file system for example appears to treat I/O error on directory read as end-of-directory, and refuse to read any further. So directory data tampering in authenticated case most likely results in more files lost than just one or two files renamed. -- Jari Ruusu 1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9 DB 1D EB E3 24 0E A9 DD - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
