2011/7/12 Arno Wagner <arno@xxxxxxxxxxx>:
> On Mon, Jul 11, 2011 at 11:17:32PM +0100, Laurence Darby wrote:
>> Hello,
>>
>> My next question, what's the best way to have a passphrase
>> protected key file?
>
> Whyever would you want one? If you already have a passphrase,
> use that directly. The passphrase-in-file option is
> for slaved devices and keys stored in hardware with some
> additional protection by the hardware, e.g. keys on a chipcard.
> Key storage on the device itself is actually a pretty much
> unsolved problem. The only way to do it with a reasonable
> level of security today is with costly HSMs (hardware
> security modules) that have things like their own power,
> extensive sensors, armoured construction and the like.
> Expect to pay >= 50'000 EUR/USD for one that offers
> reasonable security.
>
>> Should I encrypt it with GPG, and then do eg:
>>
>> gpg -d ~/pass_key | cryptsetup luksOpen --key-file - /dev/loop1 loop1
>>
>> That has the advantage of using the same passphrase I use for
>> everything else, but is there any security risk I'm not seeing?
>
> Yes, you should not reuse passphrases. If you do, if it is exposed
> in one place, everything else is exposed. That said, I do
> realize having a good passphrase and using it _carefully_ in
> several places is better than having several bad passphrases.
> Just make sure you always think about who could eavesdrop before
> you enter it. For example, never use your passphrase on a
> computer not under your control. If you need to do that
> (e.g. external storage device), use a dedicated one that
> you use nowhere else.
>
>> I read
>> that encrypting something twice or with multiple ciphers is effectively
>> a new unknown cipher, potentially trivially breakable - I don't think
>> that applies here, but is there anything like that I need to watch out for?
>
> If you have _independent_ keys, it usually is as strong as the
> stronger cipher/key combination. With dependent or the same keys,
> this warning is correct. Example: Using a stream cipher twice with
> the same key gives you the plaintext as encryption result.
>
>> Alternatively, I could just do this:
>>
>> ( cat ~/pass_key ; cat ) | cryptsetup luksOpen --key-file - /dev/loop1 loop1
>>
>> so I still have to provide both the key and passphrase, terminated with
>> Ctrl-D. Any thoughts?
>
> Yes, why do you not use the passphrase entry function of cryptsetup
> directly? Without a specific and credible risk, there is no
> reason to do anything of what you describe here...

Everything you say is absolutely logical, but having a key in an
encrypted file creates, under some conditions, a more secure environment.
You could keep a file on a USB stick: a person will need the USB stick AND
the password for decrypting a LUKS device, and losing the USB stick is not
a security problem.
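
Arno's remark in the thread above, that running a stream cipher twice with the same key gives back the plaintext while independent keys do not weaken the cascade, shown as an added example that is not code from the thread. The SHA-256 counter keystream is a toy stand-in for a real stream cipher, and every name and sample value here is constructed for illustration.

```python
import hashlib


def keystream(key: bytes, length: int) -> bytes:
    # Toy keystream (assumption, illustration only): SHA-256 over key || counter.
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def stream_xor(key: bytes, data: bytes) -> bytes:
    # Stream ciphers encrypt and decrypt with the same XOR operation.
    return bytes(d ^ k for d, k in zip(data, keystream(key, len(data))))


def cascade(data: bytes, inner_key: bytes, outer_key: bytes) -> bytes:
    # "Encrypt twice": the inner layer first, then the outer layer on top.
    return stream_xor(outer_key, stream_xor(inner_key, data))


# Constructed sample values, not taken from the thread.
MESSAGE = b"constructed LUKS key material for the demo"
KEY_A = hashlib.sha256(b"constructed key A").digest()
KEY_B = hashlib.sha256(b"constructed key B").digest()


def demo() -> dict:
    same = cascade(MESSAGE, KEY_A, KEY_A)
    independent = cascade(MESSAGE, KEY_A, KEY_B)
    # Stripping the outer layer with KEY_B alone leaves the KEY_A layer intact.
    outer_removed = stream_xor(KEY_B, independent)
    return {
        "same_key_is_plaintext": same == MESSAGE,
        "independent_is_plaintext": independent == MESSAGE,
        "inner_layer_survives": outer_removed == stream_xor(KEY_A, MESSAGE),
        "both_keys_decrypt": stream_xor(KEY_A, outer_removed) == MESSAGE,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```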