junk wrote: > > > Christophe wrote: >> Arno Wagner wrote: >> >>> On Wed, Oct 04, 2006 at 01:03:50AM +0200, Christophe wrote: >>> >>>> Hi, >>>> >>>> I read through the mailling-list and still have a question about LUKS >>>> and brute force attacks : >>>> is there a way to have LUKS block any further trial at accessing the >>>> encrypted partition after (for instance) 10 identification failure >>>> when trying to open the encrypted partition ? >>>> This way, brute force attack would not be possible... >>>> thanks for your answer ! >>>> >>> Would not help, since an attacker does not need to use the >>> LUKS code, but can simulate the attack. >>> >>> Arno >>> >> Thx for you answer, >> Still, I don't understand how he could simulate the attack, since I >> thought the partition was encoded with a cipher-key. >> I thought the cipher key was acessible only when you get the password >> right, then acces it from the partition table. >> I am sorry I dod not get deep enough into the implemantation of luks, >> but still I would like to understand. >> >> Do you pls have a hint for me of a link I could read, not about the >> implementation precisely but why an attacker could / could not attack ? >> >> thank you >> >> > > Yes but in this scenario, the attacker has the old key so they can use > their old key plus the old partition header get at the key. Not sure > why they wouldn't just store the master key at the point they have > originally had access to the partition though. > > -- jeek > > > --------------------------------------------------------------------- > dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/ > To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx > For additional commands, e-mail: dm-crypt-help@xxxxxxxx > > Hello, I did not mean theat the attacker had the old key. He only has a copy of the partition or the whole disk, whatever. is it the same for you ? chris -- Envoyez vous vos lettres postales sans fermer l'enveloppe ? Non ! Alors pensez à utiliser crypter vos email et envoyez moi votre clé publique ! plus d'info @ : http://openpgp.vie-privee.org/openpgp.html Par exemple : WinPt sous window$ ! http://winpt.sourceforge.net/fr/download.php --------------------------------------------------------------------- dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/ To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx For additional commands, e-mail: dm-crypt-help@xxxxxxxx
