Hi, On Mon, 19 Jun 2006, Phil H wrote: > Thanks for the replies - only just saw them since my yahoo bulk folder is so full of junk. > I suppose I was thinking of watermark-type attacks, showing there actually is a filesystem in that randomness (my understanding is that v3.x loop-aes should be immune to these?), or some type of mathematical investigation designed to show the partition has not been recently overwritten by shred or somesuch but has a suspicious form of "randomness" (if such an investigation exists that is). i'cant help it, but i think the discussion about possible watermark attempts on are disk useless. Watermark attempts has to assume the cipher/modes you use... Normally there is enough evidence on a PC/Laptop that there is Crypto.. somewhere is a kernel with initrd, and normally such a pc asks for a password after boot. Not to mention the rest of the computer hardware, like the SMART-disk log which counts nicely how mant houres the drive was used, how many errors happend, and maybe makes some read/write stats. Much more interessting would it be to work on support for PKCS#11 USB tokens to get rid of the user-password. Only a minority boot from an crypto disk, so a trojan or "other" software can easily sniff your password (with X11 this is really very simple). > So my initial assumption was probably correct - it's the extraneous factors (fstab, having encryption software, etc) that probably remain the practical indicators. > Christian Kujau <evil@xxxxxxxxxx> wrote: On Wed, 14 Jun 2006, Florian Reitmeir wrote: > > "The" evils have much simpler ways to "crack" your security, a common > > way (rumors) is, that > > > > - "they" grab all your computer staff > > - see its encrypted > > s/see/assume/ ...as they can't be sure and probably won't hire a > cryptoexpert to prove this, methinks. > > > - return the computer > > - ... with an keylogger, small on the mainboard/keyboard/usb-bus/... > > - then, come about 2 weeks/months later again > > there we go again: triple-aes-1024 won't help if the cryptosystem is lame -- Florian Reitmeir - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
