junk wrote:
> Christophe wrote:
>> junk wrote:
>>
>>> Christophe wrote:
>>>
>>>> Arno Wagner wrote:
>>>>
>>>>> On Wed, Oct 04, 2006 at 01:03:50AM +0200, Christophe wrote:
>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> I read through the mailing list and still have a question about
>>>>>> LUKS and brute force attacks:
>>>>>> is there a way to have LUKS block any further trial at accessing the
>>>>>> encrypted partition after (for instance) 10 identification failures
>>>>>> when trying to open the encrypted partition?
>>>>>> This way, brute force attack would not be possible...
>>>>>> Thanks for your answer!
>>>>>>
>>>>> Would not help, since an attacker does not need to use the
>>>>> LUKS code, but can simulate the attack.
>>>>>
>>>>> Arno
>>>>>
>>>> Thx for your answer,
>>>> Still, I don't understand how he could simulate the attack, since I
>>>> thought the partition was encoded with a cipher key.
>>>> I thought the cipher key was accessible only when you get the password
>>>> right, then access it from the partition table.
>>>> I am sorry I did not get deep enough into the implementation of LUKS,
>>>> but still I would like to understand.
>>>>
>>>> Do you please have a hint for me of a link I could read, not about the
>>>> implementation precisely but why an attacker could / could not
>>>> attack?
>>>>
>>>> Thank you
>>>>
>>> Yes, but in this scenario, the attacker has the old key so they can use
>>> their old key plus the old partition header to get at the key. Not sure
>>> why they wouldn't just store the master key at the point they
>>> originally had access to the partition though.
>>>
>>> -- jeek
>>>
>>> ---------------------------------------------------------------------
>>> dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/
>>> To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx
>>> For additional commands, e-mail: dm-crypt-help@xxxxxxxx
>>>
>> Hello,
>> I did not mean that the attacker had the old key. He only has a copy of
>> the partition or the whole disk, whatever.
>> Is it the same for you?
>> chris
>>
>
> Sorry, I misunderstood. Yes, if the attacker has an offline copy of
> the partition they can mount a brute force attack regardless of
> anything LUKS or dm-crypt does.
>
> -- jeek
>

But how? I mean the encoded partition has been encoded with a powerful
cipher, like AES, Blowfish... hasn't it?
Wouldn't it mean the attacker needs ages to eventually access the decoded
files?
chris

--
Do you send your postal letters without sealing the envelope? No!
Then think about encrypting your emails and send me your public key!
More info at: http://openpgp.vie-privee.org/openpgp.html
For example: WinPt on window$! http://winpt.sourceforge.net/fr/download.php
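
As an added illustration (not part of the original thread and not cryptsetup's code), the sketch below reads the parameters a LUKS1 header keeps in the clear and estimates the average offline guessing time for a passphrase, which is what replaces an attempt limit as the defence. The field layout is assumed from the LUKS1 on-disk format specification; the sample header, the function names and the 1e6 iterations/s rate are constructed for the example.

```python
import struct

# LUKS1 header layout (big-endian), assumed from the LUKS1 on-disk format spec.
LUKS_MAGIC = b"LUKS\xba\xbe"
SLOT_ACTIVE, SLOT_DISABLED = 0x00AC71F3, 0x0000DEAD
PHDR = struct.Struct(">6sH32s32s32sII20s32sI40s")   # 208 bytes
SLOT = struct.Struct(">II32sII")                      # 48 bytes each, 8 slots

def _text(raw):
    return raw.rstrip(b"\0").decode("ascii")

def parse_luks1_header(buf):
    """Return the parameters a LUKS1 header stores unencrypted."""
    if len(buf) < PHDR.size + 8 * SLOT.size:
        raise ValueError("buffer shorter than a LUKS1 header")
    (magic, version, cipher, mode, hash_spec, _payload, key_bytes,
     _mk_digest, _mk_salt, mk_iter, _uuid) = PHDR.unpack_from(buf, 0)
    if magic != LUKS_MAGIC or version != 1:
        raise ValueError("not a LUKS1 header")
    slots = []
    for i in range(8):
        active, iters, _salt, _off, _stripes = SLOT.unpack_from(
            buf, PHDR.size + i * SLOT.size)
        if active == SLOT_ACTIVE:
            slots.append({"slot": i, "iterations": iters})
    return {"cipher": _text(cipher), "mode": _text(mode), "hash": _text(hash_spec),
            "key_bytes": key_bytes, "mk_iterations": mk_iter, "slots": slots}

def offline_guess_seconds(entropy_bits, hdr, pbkdf2_iters_per_sec):
    """Average time to find a passphrase of the given entropy from a disk copy."""
    # Each guess costs the cheapest slot's PBKDF2 plus the master-key digest
    # PBKDF2; no header field counts or limits attempts.
    per_guess = min(s["iterations"] for s in hdr["slots"]) + hdr["mk_iterations"]
    return 2 ** (entropy_bits - 1) * per_guess / pbkdf2_iters_per_sec

def make_sample_header():
    """Constructed header for the demo; every value in it is made up."""
    hdr = PHDR.pack(LUKS_MAGIC, 1, b"aes", b"cbc-essiv:sha256", b"sha1",
                    1032, 16, bytes(20), bytes(32), 10,
                    b"00000000-0000-0000-0000-000000000000")
    slot0 = SLOT.pack(SLOT_ACTIVE, 99990, bytes(32), 8, 4000)
    empty = SLOT.pack(SLOT_DISABLED, 0, bytes(32), 0, 4000)
    return hdr + slot0 + empty * 7

if __name__ == "__main__":
    h = parse_luks1_header(make_sample_header())
    for bits in (28, 40, 60, 80):            # short word .. long random passphrase
        secs = offline_guess_seconds(bits, h, 1e6)   # 1e6 iter/s: assumed rate
        print(f"{bits} bits of entropy: ~{secs / 86400:.3g} days on average")
```

The estimate scales linearly with the iteration count and doubles with every added bit of passphrase entropy, so the passphrase is the part worth strengthening.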