On Thu, Jul 14, 2011 at 09:41:58PM +1000, Roscoe wrote: > On Thu, Jul 14, 2011 at 9:01 PM, Arno Wagner <arno@xxxxxxxxxxx> wrote: > ... > > I thing your risk model is wrong. Basically it covers attacks > > were the attacker has access to only the storage and at the same > > time can actually do something serious with data manipulation. > > That is a rather unlikely scenario for disk encryption. Note that > > for communication encryption, this is a real and valid scenario. > > Given the prevalence of of iSCSI, FC and similar, I wouldn't say it's > all that unlikely. That would be transport security. If you have a real, externally exposed to attackers transport device (e.g. a network cable), then you leave the area of storage encryption and need to do network encryption. > I for one would quite like assurances that network block device > providers couldn't impact my security. But, I imagine I'll have to > wait a while longer... If you, say, tunnel your network block device over SSH (or some other VPN) and use, e.g. LUKS on the storage layer in your local machine, you will be pretty secure. But you need to realize that storage encryption and communication encryption are two different things and have to be done separately. As one example, to illustrate this, consider that for CBC, you have to have different upredictable, but not secret, IVs per connection, while in disk encryption you need to have the same IV per block and the IVs should not be publicly known. Entirely different requirements, resulting from the different nature of the problem. Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@xxxxxxxxxxx GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F ---- Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans If it's in the news, don't worry about it. The very definition of "news" is "something that hardly ever happens." -- Bruce Schneier _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
