Re: Intel's encryption in Eaglelake or should we trust hardware encryption?

Hi Clemens,

(I am no cryptographer, so take my comments with that fact in mind)

On Thursday 10 January 2008 14:45:40 Clemens Fruhwirth wrote:
> about
>embedding hardware encryption within the hard disk controller on the
>north bridge.
[...]
>However, it got me thinking whether I trust these solutions. I
>inherently feel more secure when using software I wrote and compiled
>myself than using hardware.

This is the same for other people, so the obvious way to go would be to make 
the use of these variants configurable by the user.

I don't really know how much this Intel mechanism is related to e.g. IBM's TPM 
modules' capabilities, but one should take care that encrypted volumes are not 
bound in a way to hardware specifics so that you're left with unusable data 
on hardware replacement, as a side thought.

>What I'm more worried about is intentionally backdoored crypto
>hardware.

Which would be e.g. writing keys to another place where they could be extracted 
later. It's hard for the community to verify hardware, in contrast to 
software.

>The same task for backdooring CPUs is almost impossible.

But someone going after you could also tamper with your kernel/initrd, including 
the LUKS part, to also store the unlocked key somewhere on disk where it 
could be extracted later. (I recently installed everything but /boot 
encrypted on my notebook, that's why it came to my mind. Of course, keylogger 
hardware is another point.)

The difference would be the number of users using potentially backdoored 
hardware vs. being a single user who needs to be taken care of with e.g. a 
keylogger or tampered kernel.

>I hope the community can produce good counter arguments to my
>reasoning above. I hope so because, otherwise I should start to push
>for performance of dm-crypt even without hardware assistance.

Well, I didn't provide counter arguments, so sorry for that. On the other 
hand, pushing the performance is never bad, if you can afford the time...

Yours, Uwe

---------------------------------------------------------------------
dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/