While I agree with you, that cryptsetup already does a lot to prevent
data (i.e. header) loss, I don't see a reason why (optional) header
backup at some random place on the device would be such a big security
problem.
Because it would significantly decrease the efficiency of cryptsetup anti-forensic features, if i'm not wrong..
Meaning that if the header is stored somewhere in the disk, that place should be traceable: if it is random, there has to be some known place where its location is stored; if the location information is not stored, but one has to analyze the entire disk to find it, analyzing the disk would expose the header; this applies also to the "fixed header location" hypothesis.
That's what I think I have understood from previous (similar and related) discussions with Arno; please, correct me if I'm mistaken.
Regards,
Claudio
Meaning that if the header is stored somewhere in the disk, that place should be traceable: if it is random, there has to be some known place where its location is stored; if the location information is not stored, but one has to analyze the entire disk to find it, analyzing the disk would expose the header; this applies also to the "fixed header location" hypothesis.
That's what I think I have understood from previous (similar and related) discussions with Arno; please, correct me if I'm mistaken.
Regards,
Claudio
_______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
